FKIE_CVE-2013-0169
Vulnerability from fkie_nvd - Published: 2013-02-08 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2F01ED-AB65-4006-AE2A-E9F73791D436",
"versionEndIncluding": "0.9.8x",
"versionStartIncluding": "0.9.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "581DC050-33FB-408D-AB43-D3D796BCBBDE",
"versionEndIncluding": "1.0.0j",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02E6874F-3469-4173-92DE-1E90F0B241FB",
"versionEndIncluding": "1.0.1d",
"versionStartIncluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5C58642D-8504-4D3B-A411-96B83CFCD05D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "603BED29-3B3F-49AD-A518-E68B40AE8484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "0F03670F-559C-433D-8AE8-A3C16F05E1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "3A294535-7190-4C33-910D-0520F575D800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "52A6300A-98F2-4E5A-909E-895A6C5B1D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "2280FB93-81A0-4BF4-AD7E-C9EAD277B379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "1E42E405-91ED-4F41-A2EE-CECB27EB4951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "11BCE518-1A35-44DE-9B40-B89E7637F830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "46D0BB1F-FA76-4185-ACD4-587DFB24CFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "D27FDDD5-083F-4A83-836F-BDCEB94894FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "30BF0C2F-BF35-41B8-BC6A-F2DACE6A9A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "EE05CDF7-1C43-46BF-9A7E-56B31BC1C837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "A520D505-7BDC-4E82-8A43-7C50AEE2B222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "5ADF3C32-6663-4003-B7D6-CE3D02AFF45E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "F15C4440-6283-433E-998E-856DA7ED4DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "C729FF50-6E41-4CEB-888A-E0FBD69B7897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB0AB341-46CE-4851-899A-B09C81A9792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "68EF7AC1-0179-4E10-89DD-5DA33682B3F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "243726CF-F79A-4487-8807-FFA0AC86760B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "5DECF6EC-B787-4CBA-936C-527864B504DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "3C70C7D7-4E28-49D9-A007-EB186E85E5B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "99B2B1A1-C3E5-4A32-8F5A-4BA8664E7537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "3F57C81C-446F-462C-BB64-65F87D1AA28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "7CFFA025-08DC-4AEF-AAE3-B20ECCB0946E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "ACBA03CE-2EF2-4C51-B796-54C65C3CFBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "085241E5-F958-43DD-AB0A-35EAF6954CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "20CD7414-1D66-4311-90FB-5D53C0C22D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "6DCB646B-3F17-427D-AE89-039FCA1F6D7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FA2AB84A-05D5-4091-B225-7762A73D45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "5A5A15F9-5047-4BB9-9B3E-A00998B6E7C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "11A0378E-0D41-4FE0-8DAF-A01B66D814DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "942C51A3-87AC-4DB5-BAB9-3771A19C472A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "C34819D3-615F-4CEE-BEAA-CE48BC2E53BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "D97A141E-5FC0-4B79-ABAA-82F6DE857625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "D32EAE02-B313-47AC-A1A3-BBF58A692E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "81EA5E3B-7EA9-45A4-9B69-2DD96471A731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "27DED59D-C293-4D36-B194-B1645CD798C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "DC3ADCB9-C4B7-4D30-932B-415C317870F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "06FB52F8-8702-4795-BA47-28A1D007952F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "3FDD48A5-9956-4AE6-9899-40D0830719FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "875DAD00-C396-4F45-8C39-843686D5C3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "F45FA1E6-D848-482B-BB3F-5B02E837EE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "94A59C56-6A9B-4630-ACBD-45359451120D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "795C1133-BF5E-4B07-A448-13EFAFEED9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "DF20B7CE-1CD3-4D1E-9C5F-E9594A5135D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "3206CF31-0EF2-4351-A077-1F8935965492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "D2E1A163-7376-41C9-A0FF-C8C3B192B73A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21684D8F-C925-4BBE-A9E5-3799C84BDB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE3EE93-6274-4996-A843-D2DF3249E06C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBD7490-815C-4E93-AD6C-5BBF1E3D6AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C08BCF-F438-4862-B93A-76282A4129D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA654207-3F1A-4737-AA1C-523DBD420D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "09D1B837-15DB-4A37-AF13-9FE6D894C084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA214D9-E535-4F68-9A23-504121748700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "131EF818-747C-47F0-A69B-7F55CCA93F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C938F-CE5E-4955-8702-ABE9B635E337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DC2818-EBB5-4A14-9468-57737B04F5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.99:pre1:*:*:*:*:*:*",
"matchCriteriaId": "F0D9D498-444E-4E92-B2A1-C8D72FA59F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.99:pre3:*:*:*:*:*:*",
"matchCriteriaId": "4D9AE2FA-068E-4F9E-BA3B-69123D9B0A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.99:pre4:*:*:*:*:*:*",
"matchCriteriaId": "22EA88C6-E217-4D1F-981B-096930A7728C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:0.99:pre5:*:*:*:*:*:*",
"matchCriteriaId": "0BB29D8D-8287-4B5B-967F-55DCA0C0ED2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E25A1C90-15E9-4577-B25D-855D48C4F4E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BC3056-6CF9-4C6A-9F03-C8812CA10AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "02CE9326-279B-4CFE-8FBD-4450793D9C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7513F8AC-A847-412D-B657-9426E4C6C020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE920F-DBD6-4D01-87E1-26FA10101692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F1E192-D0F2-476E-A7A9-AFB031687533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9DDE3F-26AE-41E0-9433-E5C018C699E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:polarssl:polarssl:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40F9819E-798E-4DA6-A7E4-39A85B68A5F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue."
},
{
"lang": "es",
"value": "El protocolo TLS v1.1 y v1.2 y el protocolo DTLS v1.0 y v1.2, tal como se utiliza en OpenSSL, OpenJDK, PolarSSL, y otros productos, no considera adecuadamente ataques a un requisito de verificaci\u00f3n MAC durante el proceso de relleno CBC malformado, lo que permite a atacantes remotos para realizar ataques distintivos y los ataques de recuperaci\u00f3n de texto plano trav\u00e9s del an\u00e1lisis estad\u00edstico de los datos de tiempo de los paquetes hechos a mano, tambi\u00e9n conocido como el \"Lucky Thirteen\" de emisi\u00f3n."
}
],
"evaluatorComment": "Per http://www.openssl.org/news/vulnerabilities.html:\nFixed in OpenSSL 1.0.1d (Affected 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) \nFixed in OpenSSL 1.0.0k (Affected 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0) \nFixed in OpenSSL 0.9.8y (Affected 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)\n\nAffected users should upgrade to OpenSSL 1.0.1e, 1.0.0k or 0.9.8y\n(The fix in 1.0.1d wasn\u0027t complete, so please use 1.0.1e or later)",
"id": "CVE-2013-0169",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-02-08T19:55:01.030",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/53623"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55108"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55139"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55322"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55350"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55351"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5880"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2621"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2622"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/737740"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.matrixssl.org/news.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openssl.org/news/secadv_20130204.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57778"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029190"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.splunk.com/view/SP-CAAAHXG"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1735-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841"
},
{
"source": "secalert@redhat.com",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016"
},
{
"source": "secalert@redhat.com",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424"
},
{
"source": "secalert@redhat.com",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://puppet.com/security/cve/cve-2013-0169"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/53623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/55351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/737740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.matrixssl.org/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openssl.org/news/secadv_20130204.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.splunk.com/view/SP-CAAAHXG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1735-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://puppet.com/security/cve/cve-2013-0169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…