Details of VAR-200408-0145

ID

VAR-200408-0145

CVE

CVE-2004-0230

TITLE

The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements

Trust: 0.8

sources: CERT/CC: VU#415294

DESCRIPTION

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. TCP Has a sequence number TCP There is a problem that it is justified if it is within the window. Therefore, there is a vulnerability that makes it easy to guess the external sequence number when establishing a long-term connection that increases the window size. Note that products affected by this vulnerability TCP Covers many products with implementation. For more information, NISCC-236929 (JVN) , NISCC Advisory 236929 (CPNI Advisory 00391) Please check also.A third party TCP By predicting the sequence number of a particular TCP Service operation interruption such as forcibly terminating a connection (DoS) There is a possibility of being attacked. A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. This will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing denial-of-service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number and a forged source IP and TCP port. Few factors may present viable target implementations, such as imlementations that: - depend on long-lived TCP connections - have known or easily guessed IP address endpoints - have known or easily guessed TCP source ports. As a result, this issue is likely to affect a number of routing platforms. Note also that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many other vendors and products will turn out to be vulnerable as the issue is investigated further. Other consequences may also result from this issue, such as injecting specific data in TCP sessions, but this has not been confirmed. **Update: Microsoft platforms are also reported prone to this vulnerability. Vendor reports indicate that an attacker will require knowledge of the IP address and port numbers of the source and destination of an existent legitimate TCP connection in order to exploit this vulnerability on Microsoft platforms. The following products and versions are affected: Oracle Solaris 10, 11; Openpgp 2.6.2; Mcafee Network Data Loss Prevention 8.6 and earlier, 9.2.0, 9.2.1, 9.2.2; Netbsd 1.5, Version 1.5.1, Version 1.5.2, Version 1.5.3, Version 1.6, Version 1.6.1, Version 1.6.2, Version 2.0; Xinuos Openserver Version 5.0.6, Version 5.0.7; Juniper Networks Junos OS; Xinuos Unixware Version 7.1.1, Version 7.1.3. ---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Avaya Intuity Audix TCP Connection Reset Vulnerability SECUNIA ADVISORY ID: SA15263 VERIFY ADVISORY: http://secunia.com/advisories/15263/ CRITICAL: Less critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Avaya Intuity Audix R5 http://secunia.com/product/4586/ DESCRIPTION: Avaya has acknowledged a vulnerability in Intuity Audix, which can be exploited by malicious people to reset established TCP connections on a vulnerable system. For more information: SA11440 SOLUTION: A patch will reportedly be included in the next major release. ORIGINAL ADVISORY: Avaya: http://support.avaya.com/elmodocs2/security/ASA-2005-097_SCASA-2005-14.pdf OTHER REFERENCES: SA11440: http://secunia.com/advisories/11440/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Routing operations would recover quickly after such attacks ended. I. Description In 2001, the CERT Coordination Center released CA-2001-09, describing statistical weaknesses in various TCP/IP Initial Sequence generators. In that document (<http://www.cert.org/advisories/CA-2001-09.html>), it was noted by Tim Newsham: [I]f a sequence number within the receive window is known, an attacker can inject data into the session stream or terminate the connection. If the ISN value is known and the number of bytes sent already sent is known, an attacker can send a simple packet to inject data or kill the session. Paul Watson has performed the statistical analysis of this attack when the ISN is not known and has pointed out that such an attack could be viable when specifically taking into account the TCP Window size. He has also created a proof-of-concept tool demonstrating the practicality of the attack. The National Infrastructure Security Co-Ordination Centre (NISCC) has published an advisory summarizing Paul Watson's analysis in "NISCC Vulnerability Advisory 236929," available at <http://www.uniras.gov.uk/vuls/2004/236929/index.htm>. Since TCP is an insecure protocol, it is possible to inject transport-layer packets into sessions between hosts given the right preconditions. For detailed information about BGP and some tips for securing it, please see Cisco System's documentation (<http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm> or Team Cymru (<http://www.cymru.com/>). This may result in a brief loss of service until the fresh routing tables are created. When this is taken into account, instead of attempting to send a spoofed packet with all potential sequence numbers, the attacker would only need to calculate an valid sequence number that falls within the next expected ISN plus or minus half the window size. According to Paul Watson's report, with a typical xDSL data connection (80 Kbps, upstream) capable of sending of 250 packets per second (pps) to a session with a TCP Window size of 65,535 bytes, it would be possible to inject a TCP packet approximately every 5 minutes. It would take approximately 15 seconds with a T-1 (1.544 Mbps) connection. These numbers are significant when large numbers of compromised machines (often called "botnets" or "zombies") can be used to generate large amounts of packets that can be directed at a particular host. To protect against such injections, RFC 2385 provides a method of using MD5 signatures on the TCP Headers. If this form of verification is supported and enabled between two peers, then an attacker would have to obtain the key used to transmit the packet in order to successfully inject a packet into the TCP session. Another alternative would be to tunnel BGP over IPSec. Again, this would provide a form of authentication between the BGP peers and the data that they transmit. The lack of authentication when using TCP for BGP makes this type of attack more viable. US-CERT is tracking this issue as VU#415294. This reference number corresponds to CVE candidate CAN-2004-0230. NISCC is tracking this issue as Advisory 236929. II. Impacts could range from data corruption or session hijacking to a denial-of-service condition. III. Solution Apply a patch from your vendor Please see you vendor's statement regarding the availability of patches, updates and mitigation strategies. The lack of cryptographically-strong security options for the TCP header itself is a deficiency that technologies like IPSec try to address. It must be noted that in the final analysis that if an attacker has the ability to see unencrypted TCP traffic generated from a site, that site is vulnerable to various TCP attacks - not just those mentioned here. A stronger measure that would aid in protecting against such TCP attacks is end-to-end cryptographic solutions like those outlined in various IPSec documents. The key idea with an end-to-end cryptographic solution is that there is some secure verification that a given packet belongs in a particular stream. However, the communications layer at which this cryptography is implemented will determine its effectiveness in repelling ISN based attacks. Solutions that operate above the Transport Layer (OSI Layer 4), such as SSL/TLS and SSH1/SSH2, only prevent arbitrary packets from being inserted into a session. They are unable to prevent a connection reset (denial of service) since the connection handling will be done by a lower level protocol (i.e., TCP). On the other hand, Network Layer (OSI Layer 3) cryptographic solutions such as IPSec prevent both arbitrary packets entering a transport-layer stream and connection resets because connection management is directly integrated into the secure Network Layer security model. The solutions presented above have the desirable attribute of not requiring any changes to the TCP protocol or implementations to be made. RFC2385 ("Protection of BGP Sessions via the TCP MD5 Signature Option") and other technologies provide options for adding cryptographic protection within the TCP header at the cost of some potential denial of service, interoperability, and performance issues. Ingress filtering Ingress filtering manages the flow of traffic as it enters a network under your administrative control. You can configure your BGP routers to only accept packets on a specific network connection. Servers are typically the only machines that need to accept inbound connections from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound connections to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound connections to non-authorized services. In this fashion, the effectiveness of many intruder scanning techniques can be dramatically reduced. Network Isolation Complex networks can benefit by separating data channels and control channels, such as BGP, into different logical or physical networks. Technologies such as VLANs, VPNs, leased links, NAT may all be able to contribute to separating the tranmission of control information from the transmission of the data stream. Egress filtering Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound connections to the Internet. In the case of BGP, only your BGP routers should be establishing connections to your peers. Other BGP traffic generated on your network could be a sign of an attempted attack. Appendix A. As vendors report new information to US-CERT, we will update the vulnerability note. If a particular vendor is not listed in either the NISCC advisory, or the vulnerability, we recommend that you contact them for their comments. _________________________________________________________________ US-CERT thanks Paul Watson, Cisco Systems and NISCC for notifying us about this problem and for helping us to construct this advisory. _________________________________________________________________ Feedback can be directed to the US-CERT Technical Staff. _________________________________________________________________ Copyright 2004 Carnegie Mellon University. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory:\xa0TCP Vulnerabilities in Multiple IOS-Based Cisco Products Revision 1.0 For Public Release 2004 April 20 21:00 UTC (GMT) - ------------------------------------------------------------------------- Summary ======= A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality. This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS\xae software. A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml. The severity of the exposure depends upon the protocols and applications that utilize TCP. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). Details ======= TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. To accomplish this, TCP uses a mixture of flags to indicate state and sequence numbers to identify the order in which the packets are to be reassembled. The acknowledgement number is not used in a packet with the reset (RST) flag set because a reset does not expect a packet in return. The full specification of the TCP protocol can be found at http://www.ietf.org/rfc/rfc0793.txt. According to the RFC793 specification, it is possible to reset an established TCP connection by sending a packet with the RST or synchronize (SYN) flag set. However, the sequence number does not have to be an exact match; it is sufficient to fall within the advertised window. This significantly decreases the effort required by an adversary: the larger the window, the easier it is to reset the connection. The destination TCP port is usually known for all standard services (for example, 23 for Telnet, 80 for HTTP). Cisco IOS software uses predictable ephemeral ports for known services with a predictable increment (the next port which will be used for a subsequent connection). These values, while constant for a particular Cisco IOS software version and protocol, can vary from one release to another. Here is an example of a normal termination of a TCP session: Host(1) Host(2) | | | | | ACK ack=1001, window=5000 | |<----------------------------| | | Host(1) is closing the session | RST seq=1001 | |---------------------------->| | | Host(2) is closing the session In addition, the following scenario is also permitted: Host(1) Host(2) | | | | | ACK ack=1001, window=5000 | |<----------------------------| | | Host(1) is closing the session | RST seq=4321 | |---------------------------->| | | Host(2) is closing the session Note how, in the second example, the RST packet was able to terminate the session although the sequence number was not the next expected one (which is 1001). As a general rule, all protocols where a TCP connection stays established for longer than one minute should be considered exposed. The exposure on this vulnerability can be described as follows: * Cisco IOS - All devices running Cisco IOS software are vulnerable. Sessions passing through the device are vulnerable only if the originating or receiving device is vulnerable, but they cannot be attacked on the router itself. This vulnerability does not compromise data integrity or confidentiality. It only affects availability. This vulnerability is documented in the Cisco Bug Toolkit as Bug IDs CSCed27956 ( registered customers only) and CSCed38527 ( registered customers only) . * Cisco IOS Firewall (IOS FW) - The Cisco IOS FW monitors packets passing throughout the router and maintains the session state internally. This way, it is possible to "open" required ports and allow traffic to pass and then close them after the session has finished. Since Cisco IOS FW intercepts and examines all packets passing through the device, all TCP sessions passing through the Cisco IOS FW are vulnerable to this attack. This is valid even if the originating and receiving devices themselves are not vulnerable. This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCed93836 ( registered customers only) . * Network Address Translation (NAT) - This vulnerability does not have any effect on NAT. The NAT functionality simply rewrites ports and IP addresses. This feature does not interprete TCP flags and therefore is not vulnerable to this attack. However, the attacking packet will be passed through the router and the receiving device can be affected. Impact ====== The impact will be different for each specific protocol. While in the majority of cases a TCP connection will be automatically re-established, in some specific protocols a second order of consequences may have a larger impact than tearing down the connection itself. Both external and internal (eBGP and iBGP) sessions are equally vulnerable. If an adversary tears down a BGP session between two routers, then all routes which were advertised between these two peers will be withdrawn. This would occur immediately for the router which has been attacked and after the next update/keepalive packet is sent by the other router. The BGP peering session itself will be re-established within a minute after the attack. Depending upon the exact routing configuration, withdrawal of the routes may have any of the following consequences: * No adverse effects at all if an appropriate static route(s) has(have) been defined on both sides of the affected session. * The traffic will be rerouted along other paths. This may cause some congestion along these paths. * A portion of the network will be completely isolated and unreachable. If a BGP peering session is broken a few times within a short time interval, then BGP route dampening may be invoked. Dampening means that affected routes will be withdrawn from the Internet routing table for some period of time. By default that time is 45 minutes. During that time, all of the traffic whose route was advertised over the attacked BGP session will either be rerouted or a portion of the network will be unreachable. Route dampening is not enabled by default. Cisco IOS Firewall Feature Set - ------------------------------ It is possible to terminate an established TCP-based connection even if both endpoints are not vulnerable to this attack. Software Versions and Fixes =========================== Each row of the table describes a release train and the platforms or products for which it is intended. If a given release train is vulnerable, then the earliest possible releases that contain the fix and the anticipated date of availability for each are listed in the Rebuild, Interim, and Maintenance columns. In some cases, no rebuild of a particular release is planned; this is marked with the label "Not scheduled." A device running any release in the given train that is earlier than the release in a specific column (less than the earliest fixed release) is known to be vulnerable, and it should be upgraded at least to the indicated release or a later version (greater than the earliest fixed release label). When selecting a release, keep in mind the following definitions: * Maintenance Most heavily tested and highly recommended release of any label in a given row of the table. * Rebuild Constructed from the previous maintenance or major release in the same train, it contains the fix for a specific vulnerability. Although it receives less testing, it contains only the minimal changes necessary to effect the repair. Cisco has made available several rebuilds of mainline trains to address this vulnerability, but strongly recommends running only the latest maintenance release on mainline trains. * Interim Built at regular intervals between maintenance releases and receives less testing. Interims should be selected only if there is no other suitable release that addresses the vulnerability, and interim images should be upgraded to the next available maintenance release as soon as possible. Interim releases are not available through manufacturing, and usually they are not available for customer download from CCO without prior arrangement with the Cisco Technical Assistance Center (TAC). In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco TAC for assistance, as shown in the section following this table. Fixed Cisco IOS Software Images for Cisco IOS Firewall +------------+---------------------------------+ | Major | Availability of Repaired | | Release | Releases* | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.1 | 12.1 | | | | | (22c) | | | +------------+---------+---------+-------------+ | 12.1E | 12.1 | | | | | (19)E7 | | | | +---------+---------+-------------+ | | | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.2 | 12.2 | | | | | (21b) | | | | +---------+---------+-------------+ | | 12.2 | | | | | (23a) | | | +------------+---------+---------+-------------+ | 12.2T | 12.2 | | | | | (11)T11 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (13)T12 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (15)T12 | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.3 | 12.3 | | | | | (5c) | | | | +---------+---------+-------------+ | | 12.3 | | | | | (6a) | | | +------------+---------+---------+-------------+ | 12.3T | 12.3(4) | | | | | T4 | | | +------------+---------+---------+-------------+ Fixed Cisco IOS Software Releases and Migration Path +----------+-------------------------------------+ | Major | Availability of Repaired Releases* | | Release | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.1 | 11.1 Vulnerable. Migrate to 11.2 | +----------+-------------------------------------+ | 11.1AA | 11.1AA Vulnerable. Migrate to 11.2P | +----------+-------------------------------------+ | 11.1CC | 11.1CC Vulnerable. Migrate to 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.2 | 11.2(26f) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2P | 11.2(26)P6 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2SA | 11.2(8)SA6 Vulnerable. Migrate to | | | 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.3 | 11.3 Vulnerable. Migrate to 12.0 | | +-------------+---------+-------------+ | | 11.3(11b)T4 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 11.3(11e) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.0 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.0 | 12.0(28) | | | +----------+-------------+---------+-------------+ | 12.0DA | 12.0DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.0DB | 12.0DB Vulnerable. Migrate to | | | 12.1DB | +----------+-------------------------------------+ | 12.0DC | 12.0DC Vulnerable. Migrate to | | | 12.1DC | +----------+-------------+---------+-------------+ | 12.0S | 12.0(27)S | | | | +-------------+---------+-------------+ | | 12.0(26)S2 | | | | +-------------+---------+-------------+ | | 12.0(16)S11 | | | | +-------------+---------+-------------+ | | 12.0(24)S5 | | | | +-------------+---------+-------------+ | | 12.0(25)S3 | | | | +-------------+---------+-------------+ | | 12.0(23)S6 | | | +----------+-------------+---------+-------------+ | 12.0SL | 12.0SL Vulnerable. Migrate to 12.0 | | | (23)S3 | +----------+-------------------------------------+ | 12.0ST | 12.0ST Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0SX | 12.0(25)SX4 Not built - contact TAC | +----------+-------------------------------------+ | 12.0SZ | 12.0SZ Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0T | 12.0T Vulnerable. Migrate to 12.1 | +----------+-------------+---------+-------------+ | 12.0W5 | 12.0(28)W5 | | | | | (30) | | | +----------+-------------+---------+-------------+ | 12.0WC | 12.0(5)WC9a | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.0WT | 12.0(13)WT Vulnerable. End of | | | Engineering | +----------+-------------------------------------+ | 12.0WX | 12.0(4)WX Vulnerable. Migrate to | | | 12.0W5 | +----------+-------------------------------------+ | 12.0XA | 12.0(1)XA Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XB | 12.0(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XC | 12.0(2)XC Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XD | 12.0(2)XD Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XE | 12.0(7)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XG | 12.0(3)XG Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XH | 12.0(4)XH Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XI | 12.0(4)XI Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XJ | 12.0(4)XJ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XK | 12.0(7)XK Vulnerable. Migrate to | | | 12.1T Latest | +----------+-------------------------------------+ | 12.0XL | 12.0(4)XL Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XM | 12.0(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XN | 12.0(5)XN Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XP | 12.0(5.1)XP Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XQ | 12.0(5)XQ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XR | 12.0(7)XR Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XS | 12.0(5)XS Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XU | 12.0(5)XU Vulnerable. Migrate to | | | 12.0(5)WC | +----------+-------------------------------------+ | 12.0XV | 12.0(7)XV Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.1 | 12.1(20a) | | | | +-------------+---------+-------------+ | | 12.1(4c) | | | | +-------------+---------+-------------+ | | 12.1(22a) | | | +----------+-------------+---------+-------------+ | 12.1AA | 12.1(10)AA Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------+---------+-------------+ | 12.1AX | 12.1(14)AX | | | +----------+-------------+---------+-------------+ | 12.1AY | 12.1(13)AY Vulnerable. Migrate to | | | 12.1(14)EA1 | +----------+-------------------------------------+ | 12.1DA | 12.2DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.1DB | 12.1(5)DB Vulnerable. Migrate to | | | 12.2B | +----------+-------------+---------+-------------+ | 12.1E | 12.1(19)E7 | | | | +-------------+---------+-------------+ | | 12.1(22)E1 | | | | +-------------+---------+-------------+ | | 12.1(11b) | | | | | E14 | | | | +-------------+---------+-------------+ | | 12.1(20)E2 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.1(19)E6 | | | | +-------------+---------+-------------+ | | 12.1(13)E13 | | | | +-------------+---------+-------------+ | | 12.1(8b)E18 | | | | +-------------+---------+-------------+ | | 12.1(14)E10 | | | | +-------------+---------+-------------+ | | 12.1(13)E14 | | | +----------+-------------+---------+-------------+ | 12.1EA | 12.1(20)EA1 | | | +----------+-------------+---------+-------------+ | 12.1EB | 12.1(20)EB | | | +----------+-------------+---------+-------------+ | 12.1EC | 12.1(20)EC | | | +----------+-------------+---------+-------------+ | 12.1EO | 12.1(20)EO | | | | +-------------+---------+-------------+ | | 12.1(19)EO2 | | | | | Available | | | | | on | | | | | 2004-Apr-25 | | | +----------+-------------+---------+-------------+ | 12.1EU | 12.1(20)EU | | | +----------+-------------+---------+-------------+ | 12.1EV | 12.1(12c)EV Vulnerable. Migrate to | | | 12.2(RLS4)S | +----------+-------------+---------+-------------+ | 12.1EW | 12.1(20)EW2 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.1EX | 12.1EX Vulnerable. Migrate to 12.1 | | | (14)E | +----------+-------------------------------------+ | 12.1EY | 12.1(10)EY Vulnerable. Migrate to | | | 12.1(14)E | +----------+-------------+---------+-------------+ | 12.1T | 12.1(5)T17 | | | +----------+-------------+---------+-------------+ | 12.1XA | 12.1(1)XA Vulnerable. Migrate to | | | 12.1(5)T18 | +----------+-------------------------------------+ | 12.1XB | 12.1(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XC | 12.1(1)XC Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XD | 12.1(1)XD Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XE | 12.1(1)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.1XF | 12.1(2)XF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XG | 12.1(3)XG Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XH | 12.1(2a)XH Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XI | 12.1(3a)XI Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.1XJ | 12.1(3)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XL | 12.1(3)XL Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XM | 12.1(5)XM Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XP | 12.1(3)XP Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XQ | 12.1(3)XQ Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XR | 12.1(5)XR Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XT | 12.1(3)XT Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XU | 12.1(5)XU Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XV | 12.1(5)XV Vulnerable. Migrate to | | | 12.2XB | +----------+-------------------------------------+ | 12.1YA | 12.1(5)YA Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YB | 12.1(5)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YC | 12.1(5)YC Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YD | 12.1(5)YD Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YE | 12.1(5)YE5 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YF | 12.1(5)YF2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YH | 12.1(5)YH2 Vulnerable. Migrate to | | | 12.2(13)T | +----------+-------------------------------------+ | 12.1YI | 12.1(5)YI2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YJ | 12.1(11)YJ Vulnerable. Migrate to | | | 12.1EA Latest | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.2 | 12.2(19b) | | | | +-------------+---------+-------------+ | | 12.2(16f) | | | | +-------------+---------+-------------+ | | 12.2(21a) | | | | +-------------+---------+-------------+ | | 12.2(23) | | | | +-------------+---------+-------------+ | | 12.2(12i) | | | | +-------------+---------+-------------+ | | 12.2(10g) | | | | +-------------+---------+-------------+ | | 12.2(13e) | | | | +-------------+---------+-------------+ | | 12.2(17d) | | | | +-------------+---------+-------------+ | | 12.2(21b) | | | | +-------------+---------+-------------+ | | 12.2(23a) | | | +----------+-------------+---------+-------------+ | 12.2B | 12.2(2)B - 12.2(4)B7 Vulnerable. | | | Migrate to 12.2(13)T12 | | +-------------------------------------+ | | 12.2(4)B8 AND FWD Vulnerable. | | | Migrate to 12.3(5a)B1 | +----------+-------------+---------+-------------+ | 12.2BC | 12.2(15) | | | | | BC1C | | | +----------+-------------+---------+-------------+ | 12.2BW | 12.2(4)BW Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | 12.2BX | 12.2(16)BX2 | | | +----------+-------------+---------+-------------+ | 12.2BY | 12.2(4)BY Vulnerable. Migrate to | | | 12.2(15)B | | +-------------------------------------+ | | 12.2(8)BY Vulnerable. Migrate to | | | 12.2(8)ZB | | +-------------------------------------+ | | 12.2(2)BY Vulnerable. Migrate to | | | 12.2(8)BZ | +----------+-------------------------------------+ | 12.2BZ | 12.2(15)BZ Vulnerable. Migrate to | | | 12.2(16)BX | +----------+-------------------------------------+ | 12.2CX | 12.2(11)CX Vulnerable. Migrate to | | | 12.2(15)BC | +----------+-------------------------------------+ | 12.2CY | 12.2(11)CY Vulnerable. Migrate to | | | 12.2(13)BC1C | +----------+-------------------------------------+ | 12.2DD | 12.2DD Vulnerable. Migrate to 12.2 | | | (4)B1 | +----------+-------------------------------------+ | 12.2DX | 12.2(1)DX Vulnerable. Migrate to | | | 12.2DD | | +-------------------------------------+ | | 12.2(2)DX Vulnerable. Migrate to | | | 12.2B Latest | +----------+-------------+---------+-------------+ | 12.2EW | 12.2(18)EW | | | +----------+-------------+---------+-------------+ | 12.2JA | 12.2(13)JA4 | | | | +-------------+---------+-------------+ | | 12.2(13)JA2 | | | | +-------------+---------+-------------+ | | 12.2(11)JA3 | | | +----------+-------------+---------+-------------+ | 12.2MC | 12.2(15) | | | | | MC1B | | | +----------+-------------+---------+-------------+ | 12.2S | 12.2(22)S | | | | +-------------+---------+-------------+ | | 12.2(14)S7 | | | | +-------------+---------+-------------+ | | 12.2(20)S1 | | | | +-------------+---------+-------------+ | | 12.2(20)S3 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 12.2(18)S3 | | | +----------+-------------+---------+-------------+ | 12.2SE | 12.2(18)SE | | | +----------+-------------+---------+-------------+ | 12.2SW | 12.2(21)SW | | | +----------+-------------+---------+-------------+ | 12.2SX | 12.2(17a) | | | | | SX2 | | | +----------+-------------+---------+-------------+ | 12.2SXA | 12.2(17b) | | | | | SXA1 | | | +----------+-------------+---------+-------------+ | 12.2SXB | 12.2(17d)SXB1 Not built - contact | | | TAC | +----------+-------------+---------+-------------+ | 12.2SY | 12.2(14)SY3 | | | +----------+-------------+---------+-------------+ | 12.2SZ | 12.2(14)SZ6 | | | +----------+-------------+---------+-------------+ | 12.2T | 12.2(15)T11 | | | | +-------------+---------+-------------+ | | 12.2(13)T12 | | | | +-------------+---------+-------------+ | | 12.2(11)T11 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.2(13)T11 | | | +----------+-------------+---------+-------------+ | 12.2XA | 12.2(2)XA Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XB | 12.2(2)XB Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2XC | 12.2(2)XC Vulnerable. Migrate to | | | 12.2(8)ZB | +----------+-------------------------------------+ | 12.2XD | 12.2(1)XD Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XE | 12.2(1)XE Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XF | 12.2(1)XF1 Vulnerable. Migrate to | | | 12.2(4)BC1C | +----------+-------------------------------------+ | 12.2XG | 12.2(2)XG Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.2XH | 12.2(2)XH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XI | 12.2(2)XI2 Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XJ | 12.2(2)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XK | 12.2(2)XK Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XL | 12.2(4)XL Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XM | 12.2(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XN | 12.2(2)XN Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XQ | 12.2(2)XQ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XS | 12.2(1)XS Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XT | 12.2(2)XT Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XU | 12.2(2)XU Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XW | 12.2(4)XW Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YA | 12.2(4)YA Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YB | 12.2(4)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YC | 12.2(2)YC Vulnerable. Migrate to | | | 12.2(11)T11 | +----------+-------------------------------------+ | 12.2YD | 12.2(8)YD Vulnerable. Migrate to | | | 12.2(8)YY | +----------+-------------------------------------+ | 12.2YE | 12.2(9)YE Vulnerable. Migrate to | | | 12.2S | +----------+-------------------------------------+ | 12.2YF | 12.2(4)YF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YG | 12.2(4)YG Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YH | 12.2(4)YH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YJ | 12.2(8)YJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YK | 12.2(2)YK Vulnerable. Migrate to | | | 12.2(13)ZC | +----------+-------------------------------------+ | 12.2YL | 12.2(8)YL Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YM | 12.2(8)YM Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YN | 12.2(8)YN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YO | 12.2(9)YO Vulnerable. Migrate to | | | 12.2(14)SY | +----------+-------------------------------------+ | 12.2YP | 12.2(11)YP Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.2YQ | 12.2(11)YQ Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YR | 12.2(11)YR Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YS | 12.2(11)YS Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2YT | 12.2(11)YT Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2YU | 12.2(11)YU Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YV | 12.2(11)YV Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2YW | 12.2(8)YW Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YX | 12.2(11)YX Vulnerable. Migrate to | | | 12.2(RLS3)S | +----------+-------------------------------------+ | 12.2YY | 12.2(8)YY Vulnerable. Migrate to | | | 12.3(1)T | +----------+-------------------------------------+ | 12.2YZ | 12.2(11)YZ Vulnerable. Migrate to | | | 12.2(14)SZ | +----------+-------------+---------+-------------+ | 12.2ZA | 12.2(14)ZA6 | | | +----------+-------------+---------+-------------+ | 12.2ZB | 12.2(8)ZB Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZC | 12.2(13)ZC Vulnerable. Migrate to | | | 12.3T | +----------+-------------+---------+-------------+ | 12.2ZD | 12.2(13)ZD1 | | | +----------+-------------+---------+-------------+ | 12.2ZE | 12.2(13)ZE Vulnerable. Migrate to | | | 12.3 | +----------+-------------------------------------+ | 12.2ZF | 12.2(13)ZF Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZG | 12.2(13)ZG Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZH | 12.2(13)ZH Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZI | 12.2(11)ZI Vulnerable. Migrate to | | | 12.2(18)S | +----------+-------------+---------+-------------+ | 12.2ZJ | 12.2(15)ZJ5 | | | | +-------------+---------+-------------+ | | 12.2(15)ZJ4 | | | +----------+-------------+---------+-------------+ | 12.2ZK | 12.2(15)ZK Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZL | 12.2(15)ZL Vulnerable. Migrate to | | | 12.3(7)T | +----------+-------------------------------------+ | 12.2ZN | 12.2(15)ZN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------+---------+-------------+ | 12.2ZP | 12.2(13)ZP3 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.3 | 12.3(3e) | | | | +-------------+---------+-------------+ | | 12.3(6) | | | | +-------------+---------+-------------+ | | 12.3(5b) | | | +----------+-------------+---------+-------------+ | 12.3B | 12.3(5a)B | | | | +-------------+---------+-------------+ | | 12.3(3)B1 | | | +----------+-------------+---------+-------------+ | 12.3BW | 12.3(1a)BW Vulnerable. Migrate to | | | 12.3B | +----------+-------------+---------+-------------+ | 12.3T | 12.3(2)T4 | | | | +-------------+---------+-------------+ | | 12.3(7)T1 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.3(4)T3 | | | +----------+-------------+---------+-------------+ | 12.3XA | 12.3(2)XA Vulnerable. Contact TAC. | +----------+-------------+---------+-------------+ | 12.3XB | 12.3(2)XB2 | | | +----------+-------------+---------+-------------+ | 12.3XC | 12.3(2)XC2 | | | +----------+-------------+---------+-------------+ | 12.3XD | 12.3(4)XD1 | | | +----------+-------------+---------+-------------+ | 12.3XE | 12.3(2)XE Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XF | 12.3(2)XF Vulnerable. Contact TAC | | | if needed. | +----------+-------------+---------+-------------+ | 12.3XG | 12.3(4)XG | | | +----------+-------------+---------+-------------+ | 12.3XH | 12.3(4)XH | | | +----------+-------------+---------+-------------+ | 12.3XI | 12.3(7)XI Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XJ | 12.3(7)XJ Vulnerable. Contact TAC | | | if needed | +----------+-------------+---------+-------------+ | 12.3XK | 12.3(4)XK | | | +----------+-------------+---------+-------------+ | 12.3XL | 12.3(7)XL Vulnerable. Contact Tac | | | if needed | +----------+-------------------------------------+ | 12.3XM | 12.3(9)XM Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XN | 12.3(4)XN Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XQ | 12.3(4)XQ Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | * All dates are estimated and subject to | | change. | | | | ** Interim releases are subjected to less | | rigorous testing than regular maintenance | | releases, and may have serious bugs. | +------------------------------------------------+ Obtaining Fixed Software ======================== Customers with Service Contracts Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third-party Support Organizations Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with the upgrade, which should be free of charge. Customers without Service Contracts Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages. Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades. Workarounds =========== The effectiveness of any workaround is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround is the most appropriate for use in the intended network before it is deployed. There are no workarounds available to mitigate the effects of this vulnerability on Cisco IOS Firewall. For BGP, we will present the workaround and only a few mitigation techniques. For additional information regarding BGP security risk assessment, mitigation techniques, and deployment best practices, please consult ftp://ftp-eng.cisco.com/cons/isp/security/ BGP-Risk-Assesment-v.pdf. * BGP MD5 secret The workaround for BGP is to configure MD5 secret for each session between peers. This can be configured as shown in the following example: router(config)#router bgp <AS-_number> router(config-router)#neighbor <IP_address> password <enter_your_secret_here> It is necessary to configure the same shared MD5 secret on both peers and at the same time. Failure to do so will break the existing BGP session and the new session will not get established until the exact same secret is configured on both devices. For a detailed discussion on how to configure BGP, refer to the following document http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/ products_configuration_guide_chapter09186a00800ca571.html . Once the secret is configured, it is prudent to change it periodically. The exact period must fit within your company security policy but it should not be longer than a few months. When changing the secret, again it must be done at the same time on both devices. Failure to do so will break your existing BGP session. The exception is if your Cisco IOS software release contains the integrated CSCdx23494 ( registered customers only) fix. With this fix, the BGP session will not be terminated when the MD5 secret is changed only on one side. The BGP updates, however, will not be processed until either the same secret is configured on both devices or the secret is removed from both devices. It is possible to mitigate the exposure for BGP on this vulnerability by applying one or more of the following measures which will lessen the potential for the necessary spoofing required to implement a successful attack: * Blocking access to the core infrastructure Although it is often difficult to block traffic transiting your network, it is possible to identify traffic which should never be allowed to target your infrastructure devices and block that traffic at the border of your network. Infrastructure access control lists (ACLs) are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists", available at http://www.cisco.com/warp/public/707/ iacl.html, presents guidelines and recommended deployment techniques for infrastructure protection ACLs. Exceptions would include any devices which have a legitimate reason to access your infrastructure (for example, BGP peers, NTP sources, DNS serves, and so on). All other traffic must be able to traverse your network without terminating on any of your devices. * Configure anti-spoofing measures on the network edge In order for an adversary to use the attack vector described in this advisory, it must send packets with the source IP address equal to one of the BGP peers. You can block spoofed packets either using the Unicast Reverse Path Forwarding (uRPF) feature or by using access control lists (ACLs). By enabling uRPF, all spoofed packets will be dropped at the first device. To enable uRPF, use the following commands: router(config)#ip cef router(config)#ip verify unicast reverse-path Please consult http://www.cisco.com/en/US/products/sw/iosswrel/ps1835 /products_configuration_guide_chapter09186a00800ca7d4.html and ftp:// ftp-eng.cisco.com/cons/isp/security/URPF-ISP.pdf for further details on how uRPF works and how to configure it in various scenarios. This is especially important if you are using asymmetric routing. ACLs should also be deployed as close to the edge as possible. Unlike uRPF, you must specify the exact IP range that is permitted. Specifying which addresses should be blocked is not the optimal solution because it tends to be harder to maintain. Caution: In order for anti-spoofing measures to be effective, they must be deployed at least one hop away from the devices which are being protected. Ideally, they will be deployed at the network edge facing your customers. * Packet rate limiting RST packets are rate-limited in Cisco IOS software by default. This feature is introduced in Cisco IOS Software Release 10.2. In the case of a storm of RST packets, they are effectively limited to one packet per second. In order to be successful, an attacker must terminate connection with the first few packets. Otherwise, the attack is deemed to be impracticably long. On the other hand, SYN packets are not rate-limited in any way. Rate limiting can be accomplished either by using Committed Access Rate (CAR) or by Control Plane Policing (CPP). While CPP is the recommended approach, it is available only for Cisco IOS Software Releases 12.2(18)S and 12.3(4)T. It is currently supported only on the following routers: 1751, 2600/2600-XM, 3700, 7200, and 7500 Series. CAR can be configured as follows: router(config)#access-list 103 deny tcp any host 10.1.1.1 established router(config)#access-list 103 permit tcp any host 10.0.0.1 router(config)#interface <interface> <interface #> router(config-if)#rate-limit input access-group 103 8000 8000 8000 conform-action transmit exceed-action drop For details on how to configure and deploy CPP, please consult the following document http://www.cisco.com/en/US/products/sw/iosswrel/ ps1838/products_white_paper09186a0080211f39.shtml Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. The exploitation of the vulnerability with packets having RST flag set (reset packets) was discovered by Paul (Tony) Watson of OSVDB.org. The extension of the attack vector to packets with SYN flag was discovered by the vendors cooperating on the resolution of this issue. Status of This Notice: INTERIM ============================== This is a INTERIM advisory. Although Cisco cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this advisory. A stand-alone copy or Paraphrase of the text of this Security Advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml. In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-teams@first.org (includes CERT/CC) * bugtraq@securityfocus.com * vulnwatch@wulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.netsys.com * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +----------+-------------+----------------+ | Revision | 2004-Apr-20 | Initial public | | 1.0 | | release. | +----------+-------------+----------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/ sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco Security Notices. All Cisco Security Advisories are available at http://www.cisco.com/go/psirt. - ------------------------------------------------------------------------- All contents are Copyright \xa9 1992-2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Cygwin) iD8DBQFAhZTpezGozzK2tZARAkKXAJ9BWwuytT7zwoOL+RkZJPebYN3W3ACfV/+K 0Fd3MvvRlKSETCrlMGL/dZg= =eDSn -----END PGP SIGNATURE----- . The nonexhaustive list of vulnerable non-IOS based Cisco products is as follows: * Access Registrar * BPX, IGX, MGX WAN switches, and the Service Expansion Shelf * BR340, WGB340, AP340, AP350, BR350 Cisco/Aironet wireless products * Cache Engine 505 and 570 * CallManager * Catalyst 1200, 1900, 28xx, 29xx, 3000, 3900, 4000, 5000, 6000 * Cisco 8110 Broadband Network Termination Unit * Cisco Element Management Framework * Cisco Info Center * Cisco Intelligent Contact Management * Cisco MDS 9000 * Cisco ONS 15190/15194 IP Transport Concentrator * Cisco ONS 15327 Metro Edge Optical Transport Platform * Cisco ONS 15454 Optical Transport Platform * Cisco ONS 15531/15532 T31 OMDS Metro WDM System * Cisco ONS 15800/15801/15808 Dense Wave Division Multiplexing Platform * Cisco ONS 15830 T30 Optical Amplification System * Cisco ONS 15831/15832 T31 DWDM System * Cisco ONS 15863 T31 Submarine WDM System * Content Router 4430 and Content Delivery Manager 4630 and 4650 * Cisco Secure Intrusion Detection System (NetRanger) appliance and IDS Module * Cisco Secure PIX firewall * Cisco ws-x6608 and ws-x6624 IP Telephony Modules * CiscoWorks Windows * Content Engine 507, 560, 590, and 7320 * CSS11000 (Arrowpoint) Content Services Switch * Hosting Solution Engine * User Registration Tool VLAN Policy Server * Cisco FastHub 300 and 400 * CR-4430-B * Device Fault Manager * Internet CDN Content Engine 590 and 7320, Content Distribution Manager 4670, and Content Router 4450 * IP Phone (all models including ATA and VG248) * IP/TV * LightStream 1010 * LightStream 100 ATM Switches * LocalDirector * ME1100 series * MicroHub 1500,MicroSwitch 1538/1548 * Voice Manager * RTM * SN5400 series storage routers * Switch Probe * Unity Server * VG248 Analog Phone Gateway * Traffic Director * WAN Manager Products Confirmed Not Vulnerable ================================= The following products are not vulnerable: * Cisco VPN 3000 Series Concentrators * Cisco Firewall Services Module for Cisco Catalyst 6500 Series and Cisco 7600 Series (FWSM) Details ====== TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. The Cisco PSIRT has analyzed multiple TCP-based protocols, as they are used within our offering, and we believe that this vulnerability does not have a significant impact on them. We will present our analysis for a few protocols which have the potential for higher impact due to the long lived connections. Voice signaling H.225, H.245 (part of H.323 suite) - -------------------------------------------------- H.225 and H.245 protocols are used in voice signaling. Their purpose is to negotiate parameters for content transfer (voice or video). The established sessions persist for the duration of a call. Any call in progress is terminated when the signaling session is broken. A new signaling session will be established immediately for the new call, but terminated calls cannot be re-established. Each call from an IP telephone or softphone will result in the creation of a single signaling session. It is possible that a single signaling session is responsible for multiple calls, but that setup is used deeper within the Service Provider's network. Determining all necessary parameters for mounting an attack is deemed a non-trivial task if the network is designed according to the current best practices. Network Storage (iSCSI, FCIP) - ----------------------------- Network Storage products use two TCP-based protocols: SCSI over IP (iSCSI) and Fiber Channel over IP (FCIP). * SCSI over IP (iSCSI) iSCSI is used in a client/server environment. The client is your computer and it is only the client that initiates a connection. This connection is not shared with any other users. Terminating the session will not have any adverse consequences if people are using current drivers from Microsoft for Windows and from Cisco for Linux. These drivers will re-establish the session and continue transfer from the point where it was disconnected. Drivers from other vendors may behave differently. The user may notice that access to a virtual device is slightly slower than usual. * Fiber Channel over IP (FCIP) FCIP is a peer-to-peer protocol. It is used for mirroring data between switches. Each peer can initiate the session. Switches can, and should be in practice, configured in a mesh. Bringing one link down will cause traffic to be re-routed over other link(s). If an adversary can manage to terminate the session multiple times in a row, the user's application may terminate with a "Device unreachable" or similar error message. This does not have any influence on the switch itself and the user can retry the operation. The user may notice that access to a virtual device is slightly slower than usual. An occasional error message is possible. SSL/TLS connections can be used to encapsulate various kinds of traffic and these sessions can be long lived. An encrypted session can be attacked either on the originating or terminating host or on the firewalls in front of them (if they exist). | | | | Customers | | | | are | | | | encouraged | | | | to migrate | | | | to IOS. <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>NISCC Vulnerability Advisory 236929</title> <style>  </style> </head> <body bgcolor="#FFFFCC"> <div class=Section1 style="width: 100%;"> <div align="center"><img src="http://www.niscc.gov.uk/images/newtitle.gif" width="766" height="80" alt="National Infrastructure Security Co-Ordination Centre"></div> NISCC Vulnerability Advisory 236929 Vulnerability Issues in TCP Version Information <table border="1" width="61%"> <tr> <td width="58%">Advisory Reference</td> <td width="77%">236929</td> </tr> <tr> <td width="58%">Release Date</td> <td width="77%">20 April 2004</td> </tr> <tr> <td width="58%">Last Revision</td> <td width="77%">22 April 2004</td> </tr> <tr> <td width="58%">Version Number</td> <td width="77%">1.4</td> </tr> </table>   What is Affected? The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force\x92s (IETF\x92s) Requests For Comments (RFCs) for TCP, including <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, the original specification, and <a href="http://www.ietf.org/rfc/rfc1323.txt">RFC 1323</a>, TCP Extensions for High Performance. TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees. Severity The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Alternatively contact your vendor for product specific information. If exploited, the vulnerability could allow an attacker to create a Denial of Service condition against existing TCP connections, resulting in premature session termination. The resulting session termination will affect the application layer, the nature and severity of the effects being dependent on the application layer protocol. The primary dependency is on the duration of the TCP connection, with a further dependency on knowledge of the network (IP) addresses of the end points of the TCP connection. The Border Gateway Protocol (BGP) is judged to be potentially most affected by this vulnerability. BGP relies on a persistent TCP session between BGP peers. Resetting the connection can result in medium term unavailability due to the need to rebuild routing tables and route flapping.  Route flapping may result in route dampening (suppression) if the route flaps occur frequently within a short time interval.  The overall impact on BGP is likely to be moderate based on the likelihood of successful attack. If the TCP MD5 Signature Option and anti-spoofing measures are used then the impact will be low as these measures will successfully mitigate the vulnerability. There is a potential impact on other application protocols such as DNS (Domain Name System) and SSL (Secure Sockets Layer) in the case of zone transfers and ecommerce transactions respectively, but the duration of the sessions is relatively short and the sessions can be restarted without medium term unavailability problems. In the case of SSL it may be difficult to guess the source IP address. Data injection may be possible. However, this has not been demonstrated and appears to be problematic. The reason for this is that the receiving TCP implementation checks the sequence number of the RST or SYN packet, which is a 32 bit number, giving a probability of 1/232 of guessing the sequence number correctly (assuming a random distribution). The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper \x93Slipping In The Window: TCP Reset Attacks\x94, presented at the CanSecWest 2004 conference. In a RST/ACK packet an acknowledgement number is included in the packet, although it is not checked by the receiving TCP implementation.) <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, p36, states the following: "In all states except SYN-SENT, all reset (RST) segments are validated by checking their SEQ-fields [sequence numbers]. In the SYN-SENT state (a RST received in response to an initial SYN), the RST is acceptable if the ACK field acknowledges the SYN." Resets must be processed immediately. <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, p25, says "[\x85] [E]ven when the receive window is zero, a TCP must process the RST and URG fields of all incoming segments." It is also possible to perform the same attack with SYN (synchronise) packets. <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, p31 states: \x93The principle reason for the three-way handshake is to prevent old duplicate connection initiations from causing confusion. To deal with this, a special control message, reset, has been devised. [\x85] If the TCP is in one of the synchronized states (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT), it aborts the connection and informs its user.\x94 TCP window sizes are negotiated in the initial 3-way handshake used to set up a TCP connection, with higher values serving to improve throughput in some circumstances. Vendor-chosen defaults also influence the selection. An attacker seeking to disrupt an existing TCP connection must supply the 4-tuple correctly. As the source port varies, additional work is generally called for on the part of the attacker. However, research (referenced below) has shown that the process of source port selection on many platforms includes predictable elements, so that the attack remains practicable. By weighting 'likely' source port values carefully, an attacker can disrupt TCP implementations that employ a range of window sizes. Application layer protocols that are critically affected are those that: <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Depend on long lived TCP connections</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Have known or easy-to-guess IP address end points</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Have easy to an easy-to-guess source TCP port</td> </tr> </table> As noted above BGP does use long lived TCP connections, and the IP addresses and source port (and destination port) are sometimes available through the use of BGP looking glasses (multi-source, multi-destination trace route tools) or DNS resource records. Using \x93trace route\x94 commands can provide information on peering point IP addresses. Thus BGP is likely to be critically affected by the TCP vulnerability. These denial of service attacks can be carried out by single machine, or by multiple co-operating systems (to form a distributed denial of service attack). It is also possible to inject packets, which will be processed if they are in the window. The difficulty with data injection attacks is that the receiving TCP implementation will reassemble the packets received according to sequence number, dropping any duplicate packets. Vendor specific information will be released as it becomes available and if vendor permission has been received. Subscribers are advised to check the following URL regularly for updates: <a href="http://www.uniras.gov.uk/vuls/2004/236929/index.htm">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</a> [Please note that updates to this advisory will not be notified by email.] This vulnerability has been assigned the <a href="http://cve.mitre.org/cve">CVE</a> name <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230">CAN-2004-0230</a>. The <a href="http://www.osvdb.org">Open Source Vulnerability Database</a> ID number for this vulnerability is <a href="http://www.osvdb.org/displayvuln.php?osvdb_id=4030">4030</a>. Mitigation The following mitigation steps are still being evaluated and may be incomplete. Customers should work with vendors for the workaround most appropriate for the product in question. In the absence of vendor patching of the TCP implementation, the following are general mitigating steps: <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="97%">Implement IP Security (IPSEC) which will encrypt traffic at the network layer, so TCP information will not be visible</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="97%">Reduce the TCP window size (although this could increase traffic loss and subsequent retransmission)</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="97%">Do not publish TCP source port information</td> </tr> </table> It should be noted that IPSEC provides confidentiality and authentication services at the network layer, and can provide a measure of trust in the authenticity of the end points as well as encryption of traffic between the end points.  However, in the context of the current attack IPSEC will reject RST and SYN packets that are not part of a secure IP packet stream. To change the TCP window size, in some Unix variants you can set a value of the default TCP windows size by using the \x93sysctl\x94 program (\x93ndd -set\x94 in the case of Sun Solaris). In the case of Microsoft Windows NT/2000/XP/2003, the default window size can be changed by modifying the value of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters key. As noted above, great care should be exercised when altering the default TCP window size as network performance could be adversely affected. In the case of BGP, the following may counter the problem: <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber5"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Implement ingress and egress filtering to check that the traffic entering or leaving the network has a source IP address that is expected on the router/firewall interface that receives the traffic</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Implement the TCP MD5 Signature Option to checksum the TCP packet carrying the BGP application data (see <a href="http://www.ietf.org/rfc/rfc2385.txt">RFC 2385</a>), being careful to set and maintain strong (i.e. difficult to guess) passwords to which the MD5 checksum is applied.  Also see <a href="http://www.ietf.org/rfc/rfc3562.txt">RFC 3562</a> which discusses the security requirements of this keying material.</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Limit the amount of information available through looking glasses and DNS resource records, being careful not to expose TCP port information unnecessarily</td> </tr> </table> The IETF ingress filtering standard is defined in <a href="http://www.ietf.org/rfc/rfc2827.txt">RFC 2827</a>. A discussion of egress filtering can be found at <a href="http://www.sans.org/y2k/egress.htm">http://www.sans.org/y2k/egress.htm</a>. The use of the TCP MD5 Signature Option will prevent the exploitation of this vulnerability. Router customers should implement this on all BGP peering points if it is supported by the router, upgrading the router firmware if necessary. Solution Please refer to the Vendor Information section of this advisory for implementation specific remediation. Some vendors will have reduced the likelihood of successful denial of service by amending the TCP implementation to issue a further acknowledgment packet challenge for RST and SYN packets that do not have exactly the expected sequence number. <a href="http://www.ietf.org">The Internet Engineering Task Force</a> (IETF) has published an Internet Draft to co-incide with the release of this advisory.  The text of this draft is available from the IETF web site: <a href="http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt">http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a> NISCC has produced best practice guidelines for BGP available at <a href="http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf">http://www.niscc.gov.uk/BGP Filtering Guide.pdf</a> Secure configuration templates for BGP implementations on Cisco IOS and Juniper JUNOS can be found at: <table border="0" cellpadding="4" cellspacing="1" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2"> <tr> <td width="3%">\x95 </td> <td width="11%">Cisco </td> <td width="99%"><a href="http://www.cymru.com/Documents/secure-bgp-template.html">http://www.cymru.com/Documents/secure-bgp-template.html </a></td> </tr> <tr> <td width="3%">\x95 </td> <td width="11%">Juniper </td> <td width="99%"> <a href="http://www.qorbit.net/documents/junos-bgp-template.pdf">http://www.qorbit.net/documents/junos-bgp-template.pdf </a> </td> </tr> </table> Guidance on tuning of the IP stack for a number of different UNIX operating systems is available at <a href="http://www.cymru.com/Documents/ip-stack-tuning.html">http://www.cymru.com/Documents/ip-stack-tuning.html </a> Vendor Information The following vendors have provided information about how their products are affected by these vulnerabilities. Please note that <a href="http://www.jpcert.or.jp">JPCERT/CC</a> have released a Japanese language advisory for this vulnerability which contains additional information regarding Japanese vendors. This advisory is available at <a href="http://www.jpcert.or.jp/at/2004/at040003.txt">http://www.jpcert.or.jp/at/2004/at040003.txt</a>. <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1"> <tr> <td width="33%"><a href="#certicom">Certicom</a></td> <td width="33%"><a href="#iij">Internet Initiative Japan, Inc</a></td> <td width="34%"><a href="#nec">NEC</a></td> </tr> <tr> <td width="33%"><a href="#checkpoint">Check Point</a></td> <td width="33%"><a href="#interniche">InterNiche</a></td> <td width="34%"><a href="#nortel">Nortel</a></td> </tr> <tr> <td width="33%"><a href="#cisco">Cisco</a></td> <td width="33%"><a href="#juniper">Juniper Networks</a></td> <td width="34%"><a href="#polycom">Polycom</a></td> </tr> <tr> <td width="33%"><a href="#cray">Cray Inc</a></td> <td width="33%"><a href="#lucent">Lucent Technologies</a></td> <td width="34%"><a href="#seccomp">Secure Computing Corporation</a></td> </tr> <tr> <td width="33%"><a href="#hitachi">Hitachi</a></td> <td width="33%"><a href="#mitel">Mitel Networks</a></td> <td width="34%"><a href="#yamaha">Yamaha</a></td> </tr> <tr> <td width="33%"><a href="#innovaphone">Innovaphone</a></td> <td width="33%"><a href="#mrlg">MRLG</a></td> <td width="34%"> </td> </tr> </table> <table border="0" width="100%" cellpadding="8" cellspacing="0"> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="certicom"></a>Certicom</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Certicom has examined the National Infrastructure Security Coordination Centre (NISCC) advisory and determined it is not vulnerable. Certicom Developer Toolkits for SSL (SSL Plus, SSL Plus for Java, Security Builder SSL-C and Security Builder SSL-J) do not provide a TCP/IP transport mechanism, but rather utilize the supported operating system's TCP/IP stack. The vulnerability is against the TCP/IP stack itself, and not directly against the functionality offered by Certicom toolkits. Therefore, there is no patch or workaround that can be implemented within Certicom products. The patch or workaround must be provided by the operating system vendor. Customers are urged to contact their operating system vendors to determine if they have provided a workaround to this advisory. If you have any further questions please do not hesitate to contact <a href="mailto:support@certicom.com">support@certicom.com</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"><a name="checkpoint"></a> Check Point</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">The latest release for VPN-1/FireWall-1 (R55 HFA-03) contains a protection against this vulnerability.  The protection applies to both the firewall device and to hosts behind the firewall. Please refer to the Check Point web site for further information at: <a HREF="http://www.checkpoint.com/techsupport/alerts/tcp_dos.html"> http://www.checkpoint.com/techsupport/alerts/tcp_dos.html</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="cisco"></a>Cisco</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Cisco Systems is addressing the vulnerabilities identified by NISCC Vulnerability Advisory 236929 across its entire product line.  Cisco has released two related advisories: TCP Vulnerabilities in Multiple IOS-Based Cisco Products <a href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml</a> TCP Vulnerabilities in Multiple Non-IOS Cisco Products <a href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml</a></td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="cray"></a>Cray Inc</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">Cray Inc. is vulnerable on their UNICOS, UNICOS/mk and UNICOS/mp systems.  Spr's have been opened to track this issue.  Please contact your local Cray Service Representative for more information.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="hitachi"></a>Hitachi</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Hitachi is investigating the potential impact to Hitachi's products.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="innovaphone"></a>Innovaphone</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf"> Not vulnerable.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="iij"></a>Internet Initiative Japan, Inc (IIJ)</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> IIJ will release a new firmware to fix this vulnerability.  Details are available on their web site at <a href="http://www.seil.jp/en/ann/announce_en_20040421_01.txt"> http://www.seil.jp/en/ann/announce_en_20040421_01.txt</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="interniche"></a>InterNiche</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">=== NicheStack v2.0 TCP/IP === InterNiche Technologies has updated its NicheStack v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929.  The patch is available to all InterNiche customers in accordance with the terms of their current support agreements. More information can be found on <a href="http://www.iNiche.com">www.iNiche.com</a> or through <a href="mailto:support@iNiche.com">support@iNiche.com</a> === NicheLite v2.0 TCP/IP === InterNiche Technologies has updated its NicheLite v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929.  The patch is available to all InterNiche customers in accordance with the terms of their current support agreements. More information can be found on <a href="http://www.iNiche.com">www.iNiche.com</a> or through <a href="mailto:support@iNiche.com">support@iNiche.com</a> </td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="juniper"></a> Juniper Networks</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Juniper Networks products are susceptible to this vulnerability. Customers should contact Juniper Networks Technical Assistance Center for availability and download instructions. Additional information is posted on our web site at <a href="https://www.juniper.net/support">https://www.juniper.net/support</a>. </td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="lucent"></a>Lucent Technologies</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">Lucent Technologies is aware of this vulnerability advisory and is investigating any potential impact to its product portfolio. As further information becomes available, Lucent will provide information directly to its customers, if appropriate.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="mitel"></a>Mitel Networks</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Mitel is aware of the vulnerability and is working with the vendors of our underlying networking software to assess the impact and, if necessary, determine potential solutions. When more information becomes available, an advisory will be issued. Please contact '<a href="mailto:security@mitel.com">security@mitel.com</a>' if you have specific questions.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="mrlg"></a>MRLG</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">A new version of the Multi-Router Looking Glass tool (4.3.0) has been released.  This includes a patch that prevents a remote user from utilising the "sh ip bgp neighbors" functionality.  This new version is available from <a href="ftp://ftp.enterzone.net/looking-glass/CURRENT/"> ftp://ftp.enterzone.net/looking-glass/CURRENT/</a>. </td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="nec"></a>NEC</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> NEC is aware of this vulnerability and is trying to determine potential impacts on our products.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="nortel"></a>Nortel Networks</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">Nortel Networks has evaluated this issue and testing has confirmed that it is possible to successfully exploit this vulnerability. However, the preconditions for a successful exploitation require levels of access to the network that are unlikely to be achieved in a normal network operating environment; furthermore, such levels of access would enable other forms of attack with much greater impact than that achievable by exploiting this vulnerability. Nortel Networks is continuing to validate that this vulnerability has no serious consequences for Nortel equipment, and will update this statement periodically.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="polycom"></a>Polycom</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Polycom has investigated the potential impact to our products for NISCC Advisory 236929. Specific product information will be provided at <a HREF="http://www.polycom.com/securitycenter"> http://www.polycom.com/securitycenter</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <a name="seccomp"></a>Secure Computing Corporation</td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf"> </td> <td width="97%" bgcolor="#FFFFaf">The Sidewinder and Sidewinder G2 firewalls offer protection against this attack at all releases. As application-layer firewalls, Sidewinder and Sidewinder G2 offer protection to systems behind the firewall as well as protecting management connections to the firewall.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <a name="yamaha"></a>Yamaha</td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe">  </td> <td width="97%" bgcolor="#FFFFbe"> Pending.</td> </tr> </table> Acknowledgements NISCC wishes to thank the following: <table border="0" cellpadding="6" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="197%">Steve Bellovin, Rob Thomas and Paul Watson for their contributions to this advisory.</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="197%">Cisco Systems Inc. and Juniper Networks Inc. for their help with the content of this advisory and for their support during the disclosure process.</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="197%">JPCERT/CC for their assistance in co-ordinating this disclosure in Japan.</td> </tr> </table> References <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7"> <tr> <td width="2%"> </td> <td width="98%" colspan="3">Internet Engineering Task Force</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 793 Transmission Control Protocol</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc793.txt"> http://www.ietf.org/rfc/rfc793.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 1323 TCP Extensions for High Performance</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="96%"><a href="http://www.ietf.org/rfc/rfc1323.txt"> http://www.ietf.org/rfc/rfc1323.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 1771 A Border Gateway Protocol 4 (BGP-4)</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc1771.txt"> http://www.ietf.org/rfc/rfc1771.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc2385.txt"> http://www.ietf.org/rfc/rfc2385.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 2827 Network Ingress Filtering</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc2827.txt"> http://www.ietf.org/rfc/rfc2827.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 3562 Considerations for the TCP MD5 Signature Option</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc3562.txt"> http://www.ietf.org/rfc/rfc3562.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">RFC 3682 Generalized TTL Security Mechanism</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc3682.txt"> http://www.ietf.org/rfc/rfc3682.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">Internet Draft - Transmission Control Protocol security considerations</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt"> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a></td> </tr> <tr> <td width="2%"> </td> <td width="98%" colspan="3">NISCC</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">Best Practice Guidelines - Border Gateway Protocol</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf"> http://www.niscc.gov.uk/BGP Filtering Guide.pdf</a></td> </tr> <tr> <td width="2%"> </td> <td width="98%" colspan="3">Configuration and Tuning Guides</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">Secure BGP Template for Cisco IOS</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://www.cymru.com/Documents/secure-bgp-template.html"> http://www.cymru.com/Documents/secure-bgp-template.html</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">JUNOS Secure BGP Template</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://www.qorbit.net/documents/junos-bgp-template.pdf"> http://www.qorbit.net/documents/junos-bgp-template.pdf</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">UNIX IP Stack Tuning Guide</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://www.cymru.com/Documents/ip-stack-tuning.html"> http://www.cymru.com/Documents/ip-stack-tuning.html</a></td> </tr> <tr> <td width="2%"> </td> <td width="98%" colspan="3">Other Documents</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">SANS discussion on egress filtering</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"><a href="http://www.sans.org/y2k/egress.htm"> http://www.sans.org/y2k/egress.htm</a></td> </tr> <tr> <td width="2%"> </td> <td width="98%" colspan="3">Vulnerability Databases</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">Common Vulnerabilities and Exposures (CVE)</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230"> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230</a></td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="96%" colspan="2">Open Source Vulnerability Database (OSVDB)</td> </tr> <tr> <td width="2%"> </td> <td width="2%"> </td> <td width="2%"> </td> <td width="94%"> <a href="http://www.osvdb.org/displayvuln.php?osvdb_id=4030"> http://www.osvdb.org/displayvuln.php?osvdb_id=4030</a></td> </tr> </table> Contact Information The NISCC Vulnerability Management Team can be contacted as follows: <table border="1" width="87%" cellspacing="3" cellpadding="5"> <tr> <td width="30%" valign="top">Email</td> <td width="70%"><a href="mailto:vulteam@niscc.gov.uk">vulteam@niscc.gov.uk</a> (Please quote the advisory reference in the subject line.)</td> </tr> <tr> <td width="30%" valign="top">Telephone</td> <td width="70%"> +44 (0)20 7821 1330 Extension 4511 (Monday to Friday 08:30 - 17:00)</td> </tr> <tr> <td width="30%" valign="top">Fax</td> <td width="70%"> +44 (0)20 7821 1686</td> </tr> <tr> <td width="30%" valign="top">Post</td> <td width="70%"> Vulnerability Management Team NISCC PO Box 832 London SW1P 1BG</td> </tr> </table> We encourage those who wish to communicate via email to make use of our PGP key. This is available from <a href="http://www.uniras.gov.uk/UNIRAS.asc">http://www.uniras.gov.uk/UNIRAS.asc</a>. Please note that UK government protectively marked material should not be sent to the email address above. If you wish to be added to our email distribution list, please email your request to <a href="mailto:uniras@niscc.gov.uk">uniras@niscc.gov.uk</a>. What is NISCC? For further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at: <a href="http://www.niscc.gov.uk/aboutniscc/index.htm">http://www.niscc.gov.uk/aboutniscc/index.htm</a> Reference to any specific commercial product, process or service by trade name, trademark manufacturer or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by NISCC. The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. Neither shall NISCC accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice. \xa9 2004 Crown Copyright Revision History <table border="0" width="100%"> <tr> <td width="23%"> April 20, 2004: </td> <td width="77%"> Initial release (1.0)</td> </tr> <tr> <td width="23%"> April 21, 2004:</td> <td width="77%"> Corrected hyperlinks (1.1)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted impact statement for Cisco (1.1)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted impact statement for Mitel (1.1)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted MRLG patch reference (1.2)</td> </tr> <tr> <td width="23%"> April 22, 2004:</td> <td width="77%"> Revised impact statement for Certicom (1.3)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted impact statement for Nortel Networks (1.3)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted impact statement for Secure Computing Corporation (1.3)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted references section (1.4)</td> </tr> <tr> <td width="23%">  </td> <td width="77%"> Inserted impact statement for Lucent Technologies (1.4)</td> </tr> </table> <End of NISCC Vulnerability Advisory> </div> </body> </html>. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:19.tcp Security Advisory The FreeBSD Project Topic: Denial of Service in TCP packet processing Category: core Module: inet Announced: 2014-09-16 Credits: Jonathan Looney (Juniper SIRT) Affects: All supported versions of FreeBSD. Corrected: 2014-09-16 09:48:35UTC (stable/10, 10.1-PRERELEASE) 2014-09-16 09:48:35 UTC (stable/10, 10.1-BETA1-p1) 2014-09-16 09:50:19 UTC (releng/10.0, 10.0-RELEASE-p9) 2014-09-16 09:49:11 UTC (stable/9, 9.3-STABLE) 2014-09-16 09:50:19 UTC (releng/9.3, 9.3-RELEASE-p2) 2014-09-16 09:50:19 UTC (releng/9.2, 9.2-RELEASE-p12) 2014-09-16 09:50:19 UTC (releng/9.1, 9.1-RELEASE-p19) 2014-09-16 09:49:11 UTC (stable/8, 8.4-STABLE) 2014-09-16 09:50:19 UTC (releng/8.4, 8.4-RELEASE-p16) CVE Name: CVE-2004-0230 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. New TCP connections are initiated using special SYN flag in a datagram. Sequencing of data is controlled by 32-bit sequence numbers, that start with a random value and are increased using modulo 2**32 arithmetic. In case one of the two port numbers is unknown, a successful attack requires less than 2**17 packets spoofed, which can be generated within less than a second on a decent connection to the Internet. Workaround It is possible to defend against these attacks with stateful traffic inspection using a firewall. This can be done by enabling pf(4) on the system and creating states for every connection. Even a default ruleset to allow all traffic would be sufficient to mitigate this issue. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch # fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc # gpg --verify tcp.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in <URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system. 3) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r271668 releng/8.4/ r271669 stable/9/ r271668 releng/9.1/ r271669 releng/9.2/ r271669 releng/9.3/ r271669 stable/10/ r271667 releng/10.0/ r271669 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII

Trust: 3.33

sources: NVD: CVE-2004-0230 // CERT/CC: VU#415294 // JVNDB: JVNDB-2004-000150 // BID: 10183 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // PACKETSTORM: 37558 // PACKETSTORM: 33143 // PACKETSTORM: 33160 // PACKETSTORM: 33159 // PACKETSTORM: 33152 // PACKETSTORM: 128284

AFFECTED PRODUCTS

vendor:	cisco	model:	catalyst csx	scope:	eq	version:	60005.3	Trust: 2.4
vendor:	oracle	model:	solaris	scope:	eq	version:	11	Trust: 2.1
vendor:	oracle	model:	solaris	scope:	eq	version:	10	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	2.0	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.6.2	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.6.1	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.6	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.5.3	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.5.2	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.5.1	Trust: 2.1
vendor:	netbsd	model:	netbsd	scope:	eq	version:	1.5	Trust: 2.1
vendor:	xinuos	model:	unixware	scope:	eq	version:	7.1.1	Trust: 1.6
vendor:	xinuos	model:	unixware	scope:	eq	version:	7.1.3	Trust: 1.6
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30002.5.2	Trust: 1.5
vendor:	symantec	model:	nexland isb soho firewall appliance	scope:	-	version:	-	Trust: 1.1
vendor:	ibm	model:	aix	scope:	eq	version:	5.3	Trust: 1.1
vendor:	ibm	model:	aix	scope:	eq	version:	5.2	Trust: 1.1
vendor:	ibm	model:	aix	scope:	eq	version:	5.1	Trust: 1.1
vendor:	cisco	model:	wan manager	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	vg248 analog phone gateway	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	traffic director	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	rtm	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0	Trust: 1.1
vendor:	cisco	model:	lightstream	scope:	eq	version:	1010	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.1	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.0	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	11.3	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	11.2	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	11.1	Trust: 1.1
vendor:	cisco	model:	element management framework	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	content router	scope:	eq	version:	4450	Trust: 1.1
vendor:	cisco	model:	content router	scope:	eq	version:	4430	Trust: 1.1
vendor:	cisco	model:	content engine	scope:	eq	version:	560	Trust: 1.1
vendor:	cisco	model:	content engine	scope:	eq	version:	507	Trust: 1.1
vendor:	cisco	model:	channel port adapter	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	channel interface processor	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	call manager	scope:	-	version:	-	Trust: 1.1
vendor:	cisco	model:	access registrar	scope:	-	version:	-	Trust: 1.1
vendor:	mcafee	model:	network data loss prevention	scope:	eq	version:	9.2.0	Trust: 1.0
vendor:	openpgp	model:	openpgp	scope:	eq	version:	2.6.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	*	Trust: 1.0
vendor:	mcafee	model:	network data loss prevention	scope:	lte	version:	8.6	Trust: 1.0
vendor:	mcafee	model:	network data loss prevention	scope:	eq	version:	9.2.2	Trust: 1.0
vendor:	xinuos	model:	openserver	scope:	eq	version:	5.0.6	Trust: 1.0
vendor:	xinuos	model:	openserver	scope:	eq	version:	5.0.7	Trust: 1.0
vendor:	mcafee	model:	network data loss prevention	scope:	eq	version:	9.2.1	Trust: 1.0
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.1	Trust: 0.9
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5	Trust: 0.9
vendor:	cisco	model:	catalyst	scope:	eq	version:	50006.1	Trust: 0.9
vendor:	cisco	model:	catalyst	scope:	eq	version:	40006.1	Trust: 0.9
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.1	Trust: 0.9
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	nortel	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	redback	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sun microsystems	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ciscoworks voice manager	scope:	-	version:	-	Trust: 0.8
vendor:	internet initiative	model:	seil/turbo	scope:	lt	version:	ver.1.19 earlier firmware	Trust: 0.8
vendor:	cisco	model:	firewall services module	scope:	eq	version:	cisco 7600 for series )	Trust: 0.8
vendor:	cisco	model:	systems parallel channel port adapter	scope:	-	version:	-	Trust: 0.8
vendor:	internet initiative	model:	seil/neu	scope:	lt	version:	t1 ver.1.90 earlier ver.1.x firmware	Trust: 0.8
vendor:	hitachi	model:	sanrise	scope:	eq	version:	9500v series	Trust: 0.8
vendor:	cisco	model:	catalyst 2900 series	scope:	eq	version:	2948g-ge-tx	Trust: 0.8
vendor:	symantec	model:	gateway security 300 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ws-x6624-fxs	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mgx 8230 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ons 15500 series	scope:	eq	version:	ons 15531/15532 t31	Trust: 0.8
vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	7.0	Trust: 0.8
vendor:	fujitsu	model:	interstage application server	scope:	eq	version:	5.0/5.1/6.0	Trust: 0.8
vendor:	symantec	model:	gateway security 400 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	content router	scope:	eq	version:	cr-4430-b	Trust: 0.8
vendor:	cisco	model:	mgx 8250 series	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	gateway security 5300 series	scope:	eq	version:	v1.0	Trust: 0.8
vendor:	cisco	model:	fasthub 400 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ons 15800 series dwdm platforms	scope:	eq	version:	ons 15800/15801/15808	Trust: 0.8
vendor:	check point	model:	provider-1	scope:	eq	version:	ng with application intelligence (r55)	Trust: 0.8
vendor:	hewlett packard	model:	hp ethertwist switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	8110 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ciscoworks for windows	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	microswitch	scope:	eq	version:	1538/1548	Trust: 0.8
vendor:	cisco	model:	ws-x6608-e1	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ons 15830	scope:	eq	version:	t30 optical amplification system	Trust: 0.8
vendor:	microsoft	model:	windows xp	scope:	eq	version:	sp3	Trust: 0.8
vendor:	microsoft	model:	windows server 2003	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	provider-1	scope:	eq	version:	ng fp3	Trust: 0.8
vendor:	cisco	model:	switchprobe	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ix3000 series	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	gateway security 5400 series	scope:	eq	version:	v2.x	Trust: 0.8
vendor:	cisco	model:	catalyst 2800 series	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage security director	scope:	eq	version:	v5.0l10/v5.0l20/v6.0l10	Trust: 0.8
vendor:	cisco	model:	bpx 8600 series	scope:	eq	version:	broadb network termination unit	Trust: 0.8
vendor:	check point	model:	vpn-1/firewall-1	scope:	eq	version:	ng with application intelligence (r55)	Trust: 0.8
vendor:	yamaha	model:	rt series	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	hp procurve routing switch	scope:	eq	version:	9300m series	Trust: 0.8
vendor:	cisco	model:	ip/tv	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	safegate	scope:	eq	version:	2.2.1	Trust: 0.8
vendor:	cisco	model:	me1100 series	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ix5000 series	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	gs4000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ciscoworks host solution engine	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 3000 series	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	vpn-1/firewall-1	scope:	eq	version:	ng fp3	Trust: 0.8
vendor:	cisco	model:	catalyst 3900 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ws-x6608-t1	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	gr4000	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	provider-1	scope:	eq	version:	ng with application intelligence (r54)	Trust: 0.8
vendor:	cisco	model:	ata 180 series	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	cx3200	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mgx 8950 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	secure ids	scope:	eq	version:	(netranger) ids module	Trust: 0.8
vendor:	cisco	model:	ons 15400 series	scope:	eq	version:	ons 15454	Trust: 0.8
vendor:	cisco	model:	ons 15300 series	scope:	eq	version:	ons 15327	Trust: 0.8
vendor:	cisco	model:	ciscoworks wireless lan solution engine	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	fasthub 300 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	11.0	Trust: 0.8
vendor:	cisco	model:	secure user registration tool	scope:	-	version:	-	Trust: 0.8
vendor:	internet initiative	model:	seil/neu	scope:	eq	version:	2fe	Trust: 0.8
vendor:	cisco	model:	content switching module	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	gr2000	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	qx series	scope:	-	version:	-	Trust: 0.8
vendor:	internet initiative	model:	seil/neu	scope:	lt	version:	2fe plus ver.1.10 earlier firmware	Trust: 0.8
vendor:	cisco	model:	localdirector	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	vpn-1/firewall-1	scope:	eq	version:	ng with application intelligence (r54)	Trust: 0.8
vendor:	microsoft	model:	windows 9x	scope:	eq	version:	98	Trust: 0.8
vendor:	cisco	model:	ons 15831	scope:	eq	version:	t31 dwdm system	Trust: 0.8
vendor:	cisco	model:	microhub	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows 9x	scope:	eq	version:	me	Trust: 0.8
vendor:	cisco	model:	sn 5400 series	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	router	scope:	eq	version:	( includes products other than routers tcp all products that implement )	Trust: 0.8
vendor:	internet initiative	model:	seil/neu	scope:	eq	version:	128	Trust: 0.8
vendor:	microsoft	model:	windows 2000	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	safegate	scope:	eq	version:	v2.0l20a	Trust: 0.8
vendor:	fujitsu	model:	interstage security director	scope:	eq	version:	v3.0l20/v4.0l10/v4.0l20	Trust: 0.8
vendor:	cisco	model:	catalyst 1900 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ciscoworks device fault manager	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mgx 8220 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	igx 8400 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	content engine	scope:	eq	version:	590 7320	Trust: 0.8
vendor:	cisco	model:	aironet 350 series	scope:	-	version:	-	Trust: 0.8
vendor:	internet initiative	model:	seil/neu	scope:	lt	version:	t1 ver.2.22 earlier ver.2.x firmware	Trust: 0.8
vendor:	cisco	model:	ons 15100 series	scope:	eq	version:	ons 15190/15194	Trust: 0.8
vendor:	cisco	model:	internet cdn solution	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	univerge ip8800/s,/r series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	systems escon channel port adapter	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	firewall/vpn appliance	scope:	eq	version:	100/200/200r	Trust: 0.8
vendor:	hewlett packard	model:	hp advancestack switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 4000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 2820 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firewall services module	scope:	eq	version:	(catalyst 6500	Trust: 0.8
vendor:	cisco	model:	aironet ap340 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	css 11000 series	scope:	eq	version:	css 11150	Trust: 0.8
vendor:	nec	model:	ix5500 series	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	gs3000	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	nexland pro series firewall appliance	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	velociraptor	scope:	eq	version:	1.5 model 1100/1200/1300	Trust: 0.8
vendor:	fujitsu	model:	interstage security director	scope:	eq	version:	4.0/4.1	Trust: 0.8
vendor:	cisco	model:	application and content networking system	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	secure access control server software	scope:	eq	version:	for windows unix	Trust: 0.8
vendor:	cisco	model:	vg248	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	8.0	Trust: 0.8
vendor:	cisco	model:	catalyst 1200 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	global site selector	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mds 9000 series	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	ix2000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 5000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	info center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	css 11000 series	scope:	eq	version:	(arrowpoint)	Trust: 0.8
vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	7.0.4	Trust: 0.8
vendor:	cisco	model:	content distribution manager	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	content delivery manager	scope:	eq	version:	4630 4650	Trust: 0.8
vendor:	cisco	model:	css 11500 series	scope:	-	version:	-	Trust: 0.8
vendor:	internet initiative	model:	seil/neu	scope:	lt	version:	atm ver.1.36 earlier firmware	Trust: 0.8
vendor:	cisco	model:	css 11000 series	scope:	eq	version:	css 11050	Trust: 0.8
vendor:	nec	model:	ix1000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	cache engine	scope:	eq	version:	505 570	Trust: 0.8
vendor:	cisco	model:	ons 15832	scope:	eq	version:	t31 dwdm system	Trust: 0.8
vendor:	microsoft	model:	windows 9x	scope:	eq	version:	98 scd	Trust: 0.8
vendor:	cisco	model:	intelligent contact management	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unity	scope:	eq	version:	server	Trust: 0.8
vendor:	cisco	model:	vpn 3000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	css 11000 series	scope:	eq	version:	css 11800	Trust: 0.8
vendor:	cisco	model:	mgx 8850 series	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	hp procurve switch	scope:	-	version:	-	Trust: 0.8
vendor:	fujitsu	model:	interstage security director	scope:	eq	version:	v6.0l10	Trust: 0.8
vendor:	hp	model:	tru64 f pk8	scope:	eq	version:	4.0	Trust: 0.6
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.1	Trust: 0.6
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5	Trust: 0.6
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5	Trust: 0.6
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2	Trust: 0.6
vendor:	cisco	model:	call manager	scope:	eq	version:	3.1	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.1	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.0.3	Trust: 0.6
vendor:	cisco	model:	css11500 content services switch s	scope:	ne	version:	7.30	Trust: 0.6
vendor:	cisco	model:	css11500 content services switch s	scope:	ne	version:	7.20	Trust: 0.6
vendor:	symantec	model:	velociraptor	scope:	eq	version:	13001.5	Trust: 0.3
vendor:	symantec	model:	velociraptor	scope:	eq	version:	12001.5	Trust: 0.3
vendor:	symantec	model:	velociraptor	scope:	eq	version:	11001.5	Trust: 0.3
vendor:	symantec	model:	nexland pro800turbo firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro800 firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro400 firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro100 firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	54002.0.1	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	54002.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	53101.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	53001.0	Trust: 0.3
vendor:	symantec	model:	gateway security 460r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	460	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	440	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	4200	Trust: 0.3
vendor:	symantec	model:	gateway security 360r build	scope:	eq	version:	2.1415	Trust: 0.3
vendor:	symantec	model:	gateway security 360r build	scope:	eq	version:	2.1300	Trust: 0.3
vendor:	symantec	model:	gateway security 360r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	360	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	320	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance 200r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance	scope:	eq	version:	200	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance	scope:	eq	version:	100	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	7.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	7.0	Trust: 0.3
vendor:	sgi	model:	irix	scope:	eq	version:	6.5.25	Trust: 0.3
vendor:	sgi	model:	irix	scope:	eq	version:	6.5.24	Trust: 0.3
vendor:	sgi	model:	irix	scope:	eq	version:	6.5.23	Trust: 0.3
vendor:	sgi	model:	irix	scope:	eq	version:	6.5.22	Trust: 0.3
vendor:	seil	model:	turbo	scope:	eq	version:	1.18	Trust: 0.3
vendor:	seil	model:	neu t1	scope:	eq	version:	2.21	Trust: 0.3
vendor:	seil	model:	neu t1	scope:	eq	version:	1.89	Trust: 0.3
vendor:	seil	model:	neu atm	scope:	eq	version:	1.35	Trust: 0.3
vendor:	seil	model:	neu 2fe plus	scope:	eq	version:	1.9	Trust: 0.3
vendor:	seil	model:	neu 2fe	scope:	eq	version:	2.21	Trust: 0.3
vendor:	seil	model:	neu 2fe	scope:	eq	version:	1.89	Trust: 0.3
vendor:	seil	model:	neu	scope:	eq	version:	1282.21	Trust: 0.3
vendor:	seil	model:	neu	scope:	eq	version:	1281.89	Trust: 0.3
vendor:	sco	model:	unixware	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	sco	model:	unixware	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	sco	model:	open server	scope:	eq	version:	5.0.7	Trust: 0.3
vendor:	sco	model:	open server	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	5.0	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	netscreen	model:	screenos r9	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r8	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r5	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r10	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r9	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r8	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r12	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r11	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r10	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos -dial	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	4.0	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	netscreen	model:	screenos r9	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r8	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r5	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r12	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r11	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r10	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	3.1	Trust: 0.3
vendor:	netscreen	model:	screenos r8	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r5	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r1.1	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	3.0.2	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r5	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	3.0	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	3.0	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	3.0	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	3.0	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	3.0	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	2.10	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	2.10	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	2.8	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	2.8	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	netscreen	model:	screenos r9	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r8	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r5	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r4	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r3	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r12	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r11	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r10	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	2.6.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	2.6	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	2.5	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	2.5	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	2.5	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	2.5	Trust: 0.3
vendor:	netscreen	model:	screenos r7	scope:	eq	version:	2.1	Trust: 0.3
vendor:	netscreen	model:	screenos r6	scope:	eq	version:	2.1	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	2.1	Trust: 0.3
vendor:	netscreen	model:	screenos r8	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	1.73	Trust: 0.3
vendor:	netscreen	model:	screenos r1	scope:	eq	version:	1.73	Trust: 0.3
vendor:	netscreen	model:	screenos r2	scope:	eq	version:	1.66	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	1.66	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	1.64	Trust: 0.3
vendor:	netscreen	model:	screenos	scope:	eq	version:	1.7	Trust: 0.3
vendor:	netbsd	model:	beta	scope:	eq	version:	1.6	Trust: 0.3
vendor:	microsoft	model:	windows xp tablet pc edition sp2	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp tablet pc edition sp1	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp tablet pc edition	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp professional edition	scope:	eq	version:	x64	Trust: 0.3
vendor:	microsoft	model:	windows xp professional sp2	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp professional sp1	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp professional	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp media center edition sp2	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp media center edition sp1	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp media center edition	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp home sp2	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp home sp1	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp home	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp embedded sp1	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp embedded	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows xp 64-bit edition version	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows xp	scope:	eq	version:	0	Trust: 0.3
vendor:	microsoft	model:	windows server web edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server web edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition	scope:	eq	version:	2003x64	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server standard edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition	scope:	eq	version:	2003x64	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition itanium sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition itanium	scope:	eq	version:	20030	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server enterprise edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition	scope:	eq	version:	2003x64	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition itanium sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition itanium	scope:	eq	version:	20030	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition sp1	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server datacenter edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	microsoft	model:	windows server sp4	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server sp3	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp4	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp3	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp4	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp3	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp4	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp3	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server	scope:	eq	version:	2000	Trust: 0.3
vendor:	mcafee	model:	data loss prevention	scope:	eq	version:	9.2.2	Trust: 0.3
vendor:	mcafee	model:	data loss prevention	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	mcafee	model:	data loss prevention	scope:	eq	version:	9.2.0	Trust: 0.3
vendor:	mcafee	model:	data loss prevention	scope:	eq	version:	8.6	Trust: 0.3
vendor:	juniper	model:	t-series router t640	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	t-series router t320	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	m-series router m5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	m-series router m40e	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	m-series router m40	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	m-series router m20	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	m-series router m160	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	m-series router m10	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	e-series router	scope:	-	version:	-	Trust: 0.3
vendor:	interniche	model:	nichestack	scope:	eq	version:	2.0	Trust: 0.3
vendor:	interniche	model:	nichelite	scope:	eq	version:	2.0	Trust: 0.3
vendor:	ietf	model:	rfc tcp	scope:	eq	version:	793:	Trust: 0.3
vendor:	ietf	model:	rfc tcp extensions for high performance	scope:	eq	version:	1323:	Trust: 0.3
vendor:	ibm	model:	aix l	scope:	eq	version:	5.3	Trust: 0.3
vendor:	ibm	model:	aix l	scope:	eq	version:	5.2	Trust: 0.3
vendor:	ibm	model:	aix l	scope:	eq	version:	5.1	Trust: 0.3
vendor:	hp	model:	tru64 b-2 pk4	scope:	eq	version:	5.1	Trust: 0.3
vendor:	hp	model:	tru64 b pk4	scope:	eq	version:	5.1	Trust: 0.3
vendor:	hp	model:	tru64 b pk3	scope:	eq	version:	5.1	Trust: 0.3
vendor:	hp	model:	tru64 a pk6	scope:	eq	version:	5.1	Trust: 0.3
vendor:	hp	model:	tru64 g pk4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	hp	model:	procurve switch 9315m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 9308m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 9304m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 8000m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5372xl j4848a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5348xl j4849a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5308xl j4819a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5304xl j4850a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 4108gl-bundle	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 4108gl j4865a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 4108gl	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 4000m j4121a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 4000m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch	scope:	eq	version:	2525	Trust: 0.3
vendor:	hp	model:	procurve switch j4813a	scope:	eq	version:	2524	Trust: 0.3
vendor:	hp	model:	procurve switch	scope:	eq	version:	2524	Trust: 0.3
vendor:	hp	model:	procurve switch	scope:	eq	version:	2512	Trust: 0.3
vendor:	hp	model:	procurve switch 2424m j4093a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 2424m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 2400m j4122a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 2400m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 1600m	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	ethertwist	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack switch 800t j3245a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3210a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3205a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3204a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3203a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3202a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3201a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	advancestack 10base-t switching hub j3200a a.03.07	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-release-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-rc3-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-rc2-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-rc2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-rc1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-rc	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-prerelease	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-beta3-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-beta1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-beta1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-beta1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	9.3	Trust: 0.3
vendor:	freebsd	model:	9.2-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p9	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p8	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p7	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p5	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p4	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p3	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p11	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p10	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-rc3-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-rc2-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-rc2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-rc1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-rc1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	rc2	scope:	eq	version:	9.2	Trust: 0.3
vendor:	freebsd	model:	rc1	scope:	eq	version:	9.2	Trust: 0.3
vendor:	freebsd	model:	prerelease	scope:	eq	version:	9.2	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	9.2-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	9.2	Trust: 0.3
vendor:	freebsd	model:	9.1-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p7	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p3	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p18	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p17	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p16	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p15	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p14	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p12	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p11	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p10	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-rc2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-rc1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1--releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	release-p5	scope:	eq	version:	9.1	Trust: 0.3
vendor:	freebsd	model:	release-p4	scope:	eq	version:	9.1	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	9.1	Trust: 0.3
vendor:	freebsd	model:	9.0-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.0-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.0-release-p6	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.0-release	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.0-rc3	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.0-rc1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.0--releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	9.0	Trust: 0.3
vendor:	freebsd	model:	8.4-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p9	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p8	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p7	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p4	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p15	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p14	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p13	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p12	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p11	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-rc2-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-rc1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-prerelease	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-beta1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	8.4	Trust: 0.3
vendor:	freebsd	model:	8.3-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-release-p8	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-release-p6	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-release-p16	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-release-p15	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-release-p14	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.3-release-p11	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	8.3	Trust: 0.3
vendor:	freebsd	model:	8.2-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.2-release-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.2-release-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.2-release	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	release -p3	scope:	eq	version:	8.2-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	8.2	Trust: 0.3
vendor:	freebsd	model:	8.1-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.1-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.1-release-p5	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.1-release-p4	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.1-release-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.1-release	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.1-prerelease	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	8.1	Trust: 0.3
vendor:	freebsd	model:	8.0-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.0-release	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.0-rc1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	-release-p5	scope:	eq	version:	8.0	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	8.0	Trust: 0.3
vendor:	freebsd	model:	8-stable	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	8-releng	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p8	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p7	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p6	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p5	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p4	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p2	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-rc3-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-rc2-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-rc1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-beta	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	10.0	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	10	Trust: 0.3
vendor:	cray	model:	unicos/mp	scope:	eq	version:	2.3	Trust: 0.3
vendor:	cray	model:	unicos/mp	scope:	-	version:	-	Trust: 0.3
vendor:	cray	model:	unicos/mk	scope:	eq	version:	2.0.5.54	Trust: 0.3
vendor:	cray	model:	unicos/mk	scope:	eq	version:	1.5.1	Trust: 0.3
vendor:	cray	model:	unicos/mk	scope:	eq	version:	1.5	Trust: 0.3
vendor:	cray	model:	unicos max	scope:	eq	version:	1.3.5	Trust: 0.3
vendor:	cray	model:	unicos max	scope:	eq	version:	1.3	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	9.2.4	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	9.2	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	9.0.2.5	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	8.3	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cray	model:	unicos e	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cray	model:	unicos	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	ws-x6624	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ws-x6608	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wireless lan solution engine	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wireless lan solution appliance	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wgb340	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	5008	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	5002	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	5001	Trust: 0.3
vendor:	cisco	model:	voice manager	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	user registration tool vlan policy server	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	3.3	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.46	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.4	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.3	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.1	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	4.7	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	4.6	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	4.5	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	switchprobe	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	sn5400 series storage routers	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-3.3.2-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-3.3.1-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-3.2.2-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-3.2.1-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-2.5.1-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-2-3.3.2-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router sn5428-2-3.3.1-k9	scope:	eq	version:	5428	Trust: 0.3
vendor:	cisco	model:	sn storage router	scope:	eq	version:	54201.1.3	Trust: 0.3
vendor:	cisco	model:	sn storage router	scope:	eq	version:	54201.1(7)	Trust: 0.3
vendor:	cisco	model:	sn storage router	scope:	eq	version:	54201.1(5)	Trust: 0.3
vendor:	cisco	model:	sn storage router	scope:	eq	version:	54201.1(4)	Trust: 0.3
vendor:	cisco	model:	sn storage router	scope:	eq	version:	54201.1(3)	Trust: 0.3
vendor:	cisco	model:	sn storage router	scope:	eq	version:	54201.1(2)	Trust: 0.3
vendor:	cisco	model:	secure pix firewall	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	secure intrusion detection system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(3.109)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(3.102)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(1)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.2.111	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(3.100)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(3)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(1)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.5	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(5)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(4)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(3)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(1)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(4.101)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(4)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(1)	Trust: 0.3
vendor:	cisco	model:	parallel channel port adapter	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ons t31 submarine wdm system	scope:	eq	version:	15863	Trust: 0.3
vendor:	cisco	model:	ons t31 dwdm system	scope:	eq	version:	15832	Trust: 0.3
vendor:	cisco	model:	ons t31 dwdm system	scope:	eq	version:	15831	Trust: 0.3
vendor:	cisco	model:	ons t30 optical amplification system	scope:	eq	version:	15830	Trust: 0.3
vendor:	cisco	model:	ons dense wave division mux platform	scope:	eq	version:	15808	Trust: 0.3
vendor:	cisco	model:	ons dense wave division mux platform	scope:	eq	version:	15801	Trust: 0.3
vendor:	cisco	model:	ons dense wave division mux platform	scope:	eq	version:	15800	Trust: 0.3
vendor:	cisco	model:	ons t31 omds metro wdm system	scope:	eq	version:	15532	Trust: 0.3
vendor:	cisco	model:	ons t31 omds metro wdm system	scope:	eq	version:	15531	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(3)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(2)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1(0)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.1	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0(2)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0(1)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154544.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.4	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.3	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.2.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.1.0	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	eq	version:	154543.0	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(3)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(2)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.1(0)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0(2)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0(1)	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153274.0	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.4	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.3	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.2	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.1	Trust: 0.3
vendor:	cisco	model:	ons	scope:	eq	version:	153273.0	Trust: 0.3
vendor:	cisco	model:	ons ip transport concentrator	scope:	eq	version:	15194	Trust: 0.3
vendor:	cisco	model:	ons ip transport concentrator	scope:	eq	version:	15190	Trust: 0.3
vendor:	cisco	model:	microswitch	scope:	eq	version:	1548	Trust: 0.3
vendor:	cisco	model:	microswitch	scope:	eq	version:	1538	Trust: 0.3
vendor:	cisco	model:	microhub	scope:	eq	version:	1500	Trust: 0.3
vendor:	cisco	model:	mgx-8850 r2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mgx-8850 r1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mgx-8260	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mgx-8240	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mgx-8220	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mgx pxm1	scope:	eq	version:	8850-1.2.11	Trust: 0.3
vendor:	cisco	model:	mgx pxm1	scope:	eq	version:	8850-1.2.10	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	eq	version:	8850	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	eq	version:	8830	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	eq	version:	82501.2.11	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	eq	version:	82501.2.10	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	eq	version:	82301.2.11	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	eq	version:	82301.2.10	Trust: 0.3
vendor:	cisco	model:	mgx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	me1100	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	90002.0(0.86)	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	90001.3(3.33)	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	9000	Trust: 0.3
vendor:	cisco	model:	local director	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	lightstream atm switches	scope:	eq	version:	100	Trust: 0.3
vendor:	cisco	model:	ip/tv server	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ip phone	scope:	eq	version:	7960	Trust: 0.3
vendor:	cisco	model:	ip phone	scope:	eq	version:	7940	Trust: 0.3
vendor:	cisco	model:	ip phone	scope:	eq	version:	7905	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ze	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yv	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yo	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2se	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ja	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ew	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2by	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.1xv	Trust: 0.3
vendor:	cisco	model:	ios 12.1xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ex	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ew	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ev	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1eu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1eo	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ec	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1eb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ea	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1db	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1da	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ay	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ax	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1aa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1 e2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0xv	Trust: 0.3
vendor:	cisco	model:	ios 12.0xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0wx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0wt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0wc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0w5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0st	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0dc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0db	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0da	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 11.2sa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 11.2p	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 11.1cc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 11.1aa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	internet cdn content engine	scope:	eq	version:	7320	Trust: 0.3
vendor:	cisco	model:	internet cdn content engine	scope:	eq	version:	590	Trust: 0.3
vendor:	cisco	model:	intelligent contact manager	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	intelligent contact manager	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	infocenter	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	igx	scope:	eq	version:	8400	Trust: 0.3
vendor:	cisco	model:	hosting solution engine	scope:	eq	version:	1.3	Trust: 0.3
vendor:	cisco	model:	hosting solution engine	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	gss global site selector	scope:	eq	version:	44900	Trust: 0.3
vendor:	cisco	model:	gss global site selector	scope:	eq	version:	4480	Trust: 0.3
vendor:	cisco	model:	fasthub	scope:	eq	version:	4001.0	Trust: 0.3
vendor:	cisco	model:	fasthub	scope:	eq	version:	300	Trust: 0.3
vendor:	cisco	model:	escon channel port adapter	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	device fault manager	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	css11800 content services switch	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	css11500 content services switch	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	css11150 content services switch	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	css11050 content services switch	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	css11000 content services switch	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	csm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	cr-4430-b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	content router	scope:	eq	version:	44304.1	Trust: 0.3
vendor:	cisco	model:	content router	scope:	eq	version:	44304.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73204.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73204.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73203.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73202.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	7320	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5904.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5904.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5903.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5902.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	590	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5604.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5604.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5603.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5602.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5074.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5074.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5073.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5072.2.0	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	4670	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46504.1	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46504.0	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	4650	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46304.1	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46304.0	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	4630	Trust: 0.3
vendor:	cisco	model:	content delivery manager	scope:	eq	version:	4650	Trust: 0.3
vendor:	cisco	model:	content delivery manager	scope:	eq	version:	4630	Trust: 0.3
vendor:	cisco	model:	ciscoworks windows	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ciscosecure acs for windows and unix	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ciscosecure acs appliance	scope:	eq	version:	1111	Trust: 0.3
vendor:	cisco	model:	catalyst series ssl services module	scope:	eq	version:	6500	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60007.6(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60007.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60007.1(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60007.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.3(4)	Trust: 0.3
vendor:	cisco	model:	catalyst pan	scope:	eq	version:	60006.3	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.2(0.111)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.2(0.110)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.1(2.13)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60006.1(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(13)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4	Trust: 0.3
vendor:	cisco	model:	catalyst ws-x6380-nam	scope:	eq	version:	60003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-2	scope:	eq	version:	60003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-1	scope:	eq	version:	60003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-2	scope:	eq	version:	60002.2	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-1	scope:	eq	version:	60002.2	Trust: 0.3
vendor:	cisco	model:	catalyst ws-x6380-nam	scope:	eq	version:	60002.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50006.3(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50006.1(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50006.1(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50006.1(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(7)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(6)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(13)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.4(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.4(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.4(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.4(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.2(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.2(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.2(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.2(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.2	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.1(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(9)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(8)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(7)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(6)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(5)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(12)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(11)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50004.5(10)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	5000	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40007.6(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40007.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40007.1.2	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40007.1(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40007.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40006.3.5	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40006.3(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40006.1(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5.5	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5(13)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.4(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.4(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.4(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.4	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2(7)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2(6)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2(5)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.2(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.1(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(9)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(8)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(7)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(6)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(5)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(4)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40004.5(10)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	4000	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	3900	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx2.4.401	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx2.1.1102	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx2.1.6	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx2.1.502	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx2.1.501	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx2.1.5	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor software	scope:	eq	version:	29xx1.0	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	2950	Trust: 0.3
vendor:	cisco	model:	catalyst 2948g-l3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	catalyst 2948g-ge-tx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	catalyst 2948g	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	2920	Trust: 0.3
vendor:	cisco	model:	catalyst xl	scope:	eq	version:	2900	Trust: 0.3
vendor:	cisco	model:	catalyst lre xl	scope:	eq	version:	2900	Trust: 0.3
vendor:	cisco	model:	catalyst xu	scope:	eq	version:	290012.0	Trust: 0.3
vendor:	cisco	model:	catalyst sa6	scope:	eq	version:	290011.2	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	29006.1(3)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	29006.1(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	29005.5(7)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	29005.5(6)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	29004.5(12)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	29004.5(11)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	2900	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	2820	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	2800	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	1900	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	1200	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	4.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.3(3)	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.3	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.1(2)	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5704.1	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5704.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5703.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5702.2.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	570	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5054.1	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5054.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5053.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	5052.2.0	Trust: 0.3
vendor:	cisco	model:	cache engine	scope:	eq	version:	505	Trust: 0.3
vendor:	cisco	model:	br350	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	br340	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	bpx/igx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	bpx	scope:	eq	version:	8600	Trust: 0.3
vendor:	cisco	model:	bpx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ap350	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ap340	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wan switch	scope:	eq	version:	8950	Trust: 0.3
vendor:	cisco	model:	broadband network termination unit	scope:	eq	version:	8110	Trust: 0.3
vendor:	check	model:	point software vpn-1 vsx ng with application intelligence	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software vpn-1 next generation fp2	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software vpn-1 next generation fp1	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software vpn-1 next generation fp0	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp6	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp5a	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp5	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp4	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp3	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 sp1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software vpn-1 fp1	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software secureplatform ng fp2 edition	scope:	eq	version:	2	Trust: 0.3
vendor:	check	model:	point software secureplatform ng fp2	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software secureplatform ng fp1	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software secureplatform ng	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software firewall-1 vsx ng with application intelligence	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software firewall-1 next generation fp2	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software firewall-1 next generation fp1	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software firewall-1 next generation fp0	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software firewall-1 gx	scope:	eq	version:	2.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 [ vpn des ]	scope:	eq	version:	+4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 [ vpn des strong ] sp2 build	scope:	eq	version:	++4.141716	Trust: 0.3
vendor:	check	model:	point software firewall-1 [ vpn des strong ] build	scope:	eq	version:	++4.141439	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp6	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp5a	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp5	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp4	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp3	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp8	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp7	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1	scope:	eq	version:	3.0	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os	scope:	eq	version:	3.1	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os	scope:	eq	version:	3.0	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os sp1	scope:	eq	version:	2.1.5001	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os	scope:	eq	version:	2.1.10	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os	scope:	eq	version:	2.1.9	Trust: 0.3
vendor:	blue	model:	coat systems security gateway os	scope:	eq	version:	2.0	Trust: 0.3
vendor:	blue	model:	coat systems cacheos ca/sa	scope:	eq	version:	4.1.12	Trust: 0.3
vendor:	blue	model:	coat systems cacheos ca/sa	scope:	eq	version:	4.1.10	Trust: 0.3
vendor:	avaya	model:	modular messaging	scope:	eq	version:	3.0	Trust: 0.3
vendor:	avaya	model:	intuity audix r5	scope:	eq	version:	0	Trust: 0.3
vendor:	avaya	model:	cms r17 r3	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	cms r17	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	cms r16 r6	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	cms r16 r5	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	cms r16	scope:	-	version:	-	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	5.0	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.15.2	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.15.1	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.15	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.14	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.13	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.12.1	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	eq	version:	4.12	Trust: 0.3
vendor:	mcafee	model:	network data loss prevention	scope:	ne	version:	9.3	Trust: 0.3
vendor:	freebsd	model:	9.3-stable	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.3-release-p2	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.2-release-p12	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	9.1-release-p19	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-stable	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	8.4-release-p16	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.1-prerelease	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.1-beta1-p1	scope:	ne	version:	-	Trust: 0.3
vendor:	freebsd	model:	10.0-release-p9	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	3080	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	3060	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	3030	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	3015	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30054.0.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30054.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator d	scope:	ne	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator c	scope:	ne	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator b	scope:	ne	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	ne	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30053.6.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30053.6.3	Trust: 0.3
vendor:	cisco	model:	vpn hardware client	scope:	ne	version:	3002	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30004.0.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30004.0.x	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30004.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator d	scope:	ne	version:	30003.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.6.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.6	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.1.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.1.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.1.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.0.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30002.0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	ne	version:	6.3.3(133)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	ne	version:	6.2.3(110)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	ne	version:	6.1.5(104)	Trust: 0.3
vendor:	cisco	model:	ons optical transport platform	scope:	ne	version:	154544.14	Trust: 0.3
vendor:	cisco	model:	ons	scope:	ne	version:	153274.14	Trust: 0.3
vendor:	cisco	model:	mds	scope:	ne	version:	90001.3	Trust: 0.3
vendor:	cisco	model:	local director	scope:	ne	version:	4.2(6)	Trust: 0.3
vendor:	cisco	model:	local director	scope:	ne	version:	4.2(5)	Trust: 0.3
vendor:	cisco	model:	local director	scope:	ne	version:	4.2(4)	Trust: 0.3
vendor:	cisco	model:	local director	scope:	ne	version:	4.2(3)	Trust: 0.3
vendor:	cisco	model:	local director	scope:	ne	version:	4.2(2)	Trust: 0.3
vendor:	cisco	model:	local director	scope:	ne	version:	4.2(1)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.3(6)	Trust: 0.3
vendor:	cisco	model:	ios 12.2ja	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.2(23)	Trust: 0.3
vendor:	cisco	model:	ios 12.2 s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0 xn1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.0(28)	Trust: 0.3
vendor:	cisco	model:	ios 12.0 s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	fwsm for cisco catalyst series	scope:	ne	version:	6500/76001.1(3.17)	Trust: 0.3
vendor:	cisco	model:	fwsm for cisco catalyst series	scope:	ne	version:	6500/7600	Trust: 0.3
vendor:	cisco	model:	css11500 content services switch s	scope:	ne	version:	7.10	Trust: 0.3
vendor:	cisco	model:	catalyst series ssl services module	scope:	ne	version:	65002.1(2)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	ne	version:	28209.00.07	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	ne	version:	19009.00.07	Trust: 0.3
vendor:	avaya	model:	cms r17 r4	scope:	ne	version:	-	Trust: 0.3
vendor:	avaya	model:	cms r16.3 r7	scope:	ne	version:	-	Trust: 0.3
vendor:	alienvault	model:	alienvault	scope:	ne	version:	5.1	Trust: 0.3

sources: CERT/CC: VU#415294 // BID: 10183 // JVNDB: JVNDB-2004-000150 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2004-0230
value:	MEDIUM
Trust: 1.8
CARNEGIE MELLON:	VU#415294
value:	12.90
Trust: 0.8
CNNVD:	CNNVD-200408-159
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-8660
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2004-0230
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2004-0230
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9
VULHUB:	VHN-8660
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#415294 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // JVNDB: JVNDB-2004-000150 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0230

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 33143 // CNNVD: CNNVD-200408-159

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200408-159

CONFIGURATIONS

sources: NVD: CVE-2004-0230

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-8660 // VULMON: CVE-2004-0230

PATCH

title:	TCP RFC Alert	url:	http://www.checkpoint.com/services/techsupport/alerts/tcp_dos.html	Trust: 0.8
title:	cisco-sa-20040420-tcp-nonios	url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml	Trust: 0.8
title:	cisco-sa-20040420-tcp-ios	url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml	Trust: 0.8
title:	HPSBGN01041	url:	http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbgn01041	Trust: 0.8
title:	IY62006	url:	http://www-1.ibm.com/support/docview.wss?uid=isg1iy62006	Trust: 0.8
title:	IY55950	url:	http://www-1.ibm.com/support/docview.wss?uid=isg1iy55950	Trust: 0.8
title:	IY55949	url:	http://www-1.ibm.com/support/docview.wss?uid=isg1iy55949	Trust: 0.8
title:	TCP プロトコルの脆弱性による SEIL シリーズへの影響について	url:	http://www.seil.jp/ann/announce_20040421_01.txt	Trust: 0.8
title:	58784	url:	http://www.juniper.net/support/security/alerts/niscc-236929.txt	Trust: 0.8
title:	MS06-064	url:	http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx	Trust: 0.8
title:	MS05-019	url:	http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx	Trust: 0.8
title:	NV04-001	url:	http://www.nec.co.jp/security-info/secinfo/nv04-001.html	Trust: 0.8
title:	Oracle Critical Patch Update Advisory - January 2015	url:	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Trust: 0.8
title:	Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices	url:	http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html	Trust: 0.8
title:	RTシリーズのTCPに関する脆弱性について	url:	http://www.rtpro.yamaha.co.jp/rt/faq/tcpip/cert-ta04-111a.html	Trust: 0.8
title:	セキュリティ情報（2004年7月20日）	url:	http://www.hitachi.co.jp/prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-1.html	Trust: 0.8
title:	セキュリティ情報（2004年4月28日）	url:	http://www.hitachi.co.jp/prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-2.html	Trust: 0.8
title:	January 2015 Critical Patch Update Released	url:	https://blogs.oracle.com/security/entry/january_2015_critical_patch_update	Trust: 0.8
title:	TCPに潜在する脆弱性 (2004年10月7日)	url:	http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_sd_200402.html	Trust: 0.8
title:	SYM05-008	url:	http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html	Trust: 0.8
title:	cisco-sa-20040420-tcp-nonios	url:	http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-nonios-j.shtml	Trust: 0.8
title:	cisco-sa-20040420-tcp-ios	url:	http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-ios-j.shtml	Trust: 0.8
title:	SYM05-008	url:	http://www.symantec.com/region/jp/avcenter/security/content/2005.05.02.html	Trust: 0.8
title:	TCP RFCに関するAlert	url:	http://www.checkpoint.co.jp/techsupport/alerts/tcp_rfc_alert.html	Trust: 0.8
title:	TCP の脆弱性について	url:	http://www.allied-telesis.co.jp/support/list/faq/vuls/20040421.html	Trust: 0.8
title:	「TCP プロトコルに潜在する信頼性の問題」に関する製品の対応について	url:	http://www.hitachi.co.jp/prod/comp/secureplaza/html/hirt/20040422.html	Trust: 0.8
title:	MS06-064	url:	http://www.microsoft.com/japan/technet/security/bulletin/ms06-064.mspx	Trust: 0.8
title:	MS05-019	url:	http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx	Trust: 0.8
title:	[お知らせ] TCPに潜在する脆弱性への対応について	url:	http://software.fujitsu.com/jp/security/vulnerabilities/cert/236929_tcp.html	Trust: 0.8
title:	Cisco: TCP Vulnerabilities in Multiple Non-IOS Cisco Products	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20040420-tcp-nonios	Trust: 0.1
title:	Cisco: TCP Vulnerabilities in Multiple IOS-Based Cisco Products	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20040420-tcp-ios	Trust: 0.1
title:	Fortinet Security Advisories: CVE-2004-0230 Blind Reset Attack Using the RST/SYN Bit	url:	https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-16-039	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - January 2015	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4a692d6d60aa31507cb101702b494c51	Trust: 0.1
title:	ips-assessment-reports	url:	https://github.com/gabrieljcs/ips-assessment-reports	Trust: 0.1
title:	dsm_ips	url:	https://github.com/biswajitde/dsm_ips	Trust: 0.1
title:	rhsecapi	url:	https://github.com/redhatofficial/rhsecapi	Trust: 0.1
title:	cve-pylib	url:	https://github.com/redhatproductsecurity/cve-pylib	Trust: 0.1

sources: VULMON: CVE-2004-0230 // JVNDB: JVNDB-2004-000150

EXTERNAL IDS

db:	NVD	id:	CVE-2004-0230	Trust: 3.4
db:	CERT/CC	id:	VU#415294	Trust: 2.9
db:	BID	id:	10183	Trust: 2.9
db:	USCERT	id:	TA04-111A	Trust: 2.3
db:	OSVDB	id:	4030	Trust: 2.1
db:	MCAFEE	id:	SB10053	Trust: 1.5
db:	SECUNIA	id:	11458	Trust: 1.2
db:	SECUNIA	id:	11440	Trust: 1.2
db:	SECUNIA	id:	22341	Trust: 1.2
db:	JUNIPER	id:	JSA10638	Trust: 1.2
db:	VUPEN	id:	ADV-2006-3983	Trust: 1.2
db:	XF	id:	15886	Trust: 0.8
db:	JVNDB	id:	JVNDB-2004-000150	Trust: 0.8
db:	CNNVD	id:	CNNVD-200408-159	Trust: 0.7
db:	NSFOCUS	id:	7605	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1795	Trust: 0.6
db:	PACKETSTORM	id:	33159	Trust: 0.2
db:	PACKETSTORM	id:	33152	Trust: 0.2
db:	PACKETSTORM	id:	33160	Trust: 0.2
db:	PACKETSTORM	id:	33143	Trust: 0.2
db:	EXPLOIT-DB	id:	24033	Trust: 0.2
db:	PACKETSTORM	id:	33202	Trust: 0.1
db:	PACKETSTORM	id:	33185	Trust: 0.1
db:	PACKETSTORM	id:	33153	Trust: 0.1
db:	PACKETSTORM	id:	33172	Trust: 0.1
db:	PACKETSTORM	id:	33174	Trust: 0.1
db:	PACKETSTORM	id:	33171	Trust: 0.1
db:	PACKETSTORM	id:	33243	Trust: 0.1
db:	PACKETSTORM	id:	33182	Trust: 0.1
db:	EXPLOIT-DB	id:	942	Trust: 0.1
db:	EXPLOIT-DB	id:	276	Trust: 0.1
db:	EXPLOIT-DB	id:	24031	Trust: 0.1
db:	EXPLOIT-DB	id:	24032	Trust: 0.1
db:	EXPLOIT-DB	id:	24030	Trust: 0.1
db:	EXPLOIT-DB	id:	291	Trust: 0.1
db:	SEEBUG	id:	SSVID-77770	Trust: 0.1
db:	SEEBUG	id:	SSVID-77769	Trust: 0.1
db:	SEEBUG	id:	SSVID-77768	Trust: 0.1
db:	SEEBUG	id:	SSVID-77771	Trust: 0.1
db:	SEEBUG	id:	SSVID-18409	Trust: 0.1
db:	VULHUB	id:	VHN-8660	Trust: 0.1
db:	VULMON	id:	CVE-2004-0230	Trust: 0.1
db:	SECUNIA	id:	15263	Trust: 0.1
db:	PACKETSTORM	id:	37558	Trust: 0.1
db:	CERT/CC	id:	VU#498440	Trust: 0.1
db:	PACKETSTORM	id:	128284	Trust: 0.1

sources: CERT/CC: VU#415294 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // BID: 10183 // JVNDB: JVNDB-2004-000150 // PACKETSTORM: 37558 // PACKETSTORM: 33143 // PACKETSTORM: 33160 // PACKETSTORM: 33159 // PACKETSTORM: 33152 // PACKETSTORM: 128284 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

REFERENCES

url:	http://www.securityfocus.com/bid/10183	Trust: 2.6
url:	http://www.us-cert.gov/cas/techalerts/ta04-111a.html	Trust: 2.3
url:	http://www.kb.cert.org/vuls/id/415294	Trust: 2.1
url:	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Trust: 1.5
url:	http://www.uniras.gov.uk/vuls/2004/236929/index.htm	Trust: 1.5
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10053	Trust: 1.4
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0230	Trust: 1.4
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml	Trust: 1.2
url:	http://kb.juniper.net/jsa10638	Trust: 1.2
url:	http://www.securityfocus.com/archive/1/449179/100/0/threaded	Trust: 1.2
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019	Trust: 1.2
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064	Trust: 1.2
url:	ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2004-006.txt.asc	Trust: 1.2
url:	http://www.osvdb.org/4030	Trust: 1.2
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2689	Trust: 1.2
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a270	Trust: 1.2
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a3508	Trust: 1.2
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4791	Trust: 1.2
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5711	Trust: 1.2
url:	ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.14/scosa-2005.14.txt	Trust: 1.2
url:	ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.3/scosa-2005.3.txt	Trust: 1.2
url:	ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.9/scosa-2005.9.txt	Trust: 1.2
url:	http://secunia.com/advisories/11440	Trust: 1.2
url:	http://secunia.com/advisories/11458	Trust: 1.2
url:	http://secunia.com/advisories/22341	Trust: 1.2
url:	ftp://patches.sgi.com/support/free/security/advisories/20040403-01-a.asc	Trust: 1.2
url:	http://www.vupen.com/english/advisories/2006/3983	Trust: 1.2
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/15886	Trust: 1.2
url:	http://marc.info/?l=bugtraq&m=108302060014745&w=2	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=108506952116653&w=2	Trust: 1.1
url:	http://xforce.iss.net/xforce/alerts/id/170	Trust: 1.1
url:	http://www.uniras.gov.uk/niscc/docs/al-20040420-00199.html?lang=en	Trust: 0.8
url:	http://www.niscc.gov.uk/niscc/docs/re-20040420-00391.pdf	Trust: 0.8
url:	http://www.ietf.org/rfc/rfc3562.txt	Trust: 0.8
url:	http://www.ietf.org/rfc/rfc2385.txt	Trust: 0.8
url:	http://www.ietf.org/rfc/rfc1323.txt	Trust: 0.8
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=4030	Trust: 0.8
url:	http://www.ciac.org/ciac/bulletins/o-124.shtml	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230	Trust: 0.8
url:	http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040420-00391.xml	Trust: 0.8
url:	http://www.jpcert.or.jp/wr/2004/wr041702.txt	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2004/at040003.txt	Trust: 0.8
url:	http://jvn.jp/niscc/niscc-236929/index.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnta04-111a/index.html	Trust: 0.8
url:	http://jvn.jp/tr/trta04-111a	Trust: 0.8
url:	http://www.cpni.gov.uk/docs/re-20040420-00391.pdf?lang=en	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/15886	Trust: 0.8
url:	http://www.isskk.co.jp/support/techinfo/general/tcp_170.html	Trust: 0.8
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a008021ba2f.shtml	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/7605	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1795/	Trust: 0.6
url:	http://support.avaya.com/elmodocs2/security/asa-2005-097_scasa-2005-14.pdf	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2004-0230	Trust: 0.4
url:	http://www.seil.jp/en/ann/announce_en_20040421_01.txt	Trust: 0.3
url:	http://support.avaya.com/elmodocs2/security/asa-2006-217.htm	Trust: 0.3
url:	http://www-1.ibm.com/support/docview.wss?uid=isg1iy55949	Trust: 0.3
url:	http://www-1.ibm.com/support/docview.wss?uid=isg1iy55950	Trust: 0.3
url:	http://www-1.ibm.com/support/docview.wss?uid=isg1iy62006	Trust: 0.3
url:	http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx	Trust: 0.3
url:	http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx	Trust: 0.3
url:	http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2004-0230.html	Trust: 0.3
url:	http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html	Trust: 0.3
url:	http://www.juniper.net/support/alert.html	Trust: 0.3
url:	http://www.checkpoint.com/techsupport/alerts/tcp_dos.html	Trust: 0.3
url:	https://www.freebsd.org/security/advisories/freebsd-sa-14:19.tcp.asc	Trust: 0.3
url:	https://downloads.avaya.com/css/p8/documents/101006870	Trust: 0.3
url:	https://www.alienvault.com/forums/discussion/5706/security-advisory-alienvault-v5-1-addresses-6-vulnerabilities	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml.	Trust: 0.2
url:	http://www.cisco.com/warp/public/707/	Trust: 0.2
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.	Trust: 0.2
url:	http://www.cisco.com/go/psirt.	Trust: 0.2
url:	http://www.cisco.com.	Trust: 0.2
url:	http://www.cisco.com/warp/public/687/directory/dirtac.shtml	Trust: 0.2
url:	http://marc.info/?l=bugtraq&m=108302060014745&w=2	Trust: 0.1
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10053	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=108506952116653&w=2	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/tcp-seq-num-approximation	Trust: 0.1
url:	https://github.com/gabrieljcs/ips-assessment-reports	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/24033/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/11440/	Trust: 0.1
url:	http://secunia.com/product/4586/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/15263/	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/415294#systems.	Trust: 0.1
url:	http://www.uniras.gov.uk/vuls/2004/236929/index.htm>.	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/498440)	Trust: 0.1
url:	http://www.uniras.gov.uk/vuls/2004/236929/index.htm)	Trust: 0.1
url:	http://www.cert.org/advisories/ca-2001-09.html>),	Trust: 0.1
url:	http://www.cymru.com/>).	Trust: 0.1
url:	http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm>	Trust: 0.1
url:	http://www.cisco.com/en/us/products/sw/iosswrel/	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc0793.txt.	Trust: 0.1
url:	http://www.cisco.com/en/us/products/sw/iosswrel/ps1835	Trust: 0.1
url:	http://www.cisco.com/en/us/products/sw/iosswrel/ps1828/	Trust: 0.1
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml,	Trust: 0.1
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml,	Trust: 0.1
url:	http://www.cisco.com/en/us/products/sw/iosswrel/ps1835/	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc0793.txt	Trust: 0.1
url:	http://www.qorbit.net/documents/junos-bgp-template.pdf">http://www.qorbit.net/documents/junos-bgp-template.pdf	Trust: 0.1
url:	http://www.ietf.org">the	Trust: 0.1
url:	http://www.cymru.com/documents/ip-stack-tuning.html">http://www.cymru.com/documents/ip-stack-tuning.html	Trust: 0.1
url:	http://www.polycom.com/securitycenter">	Trust: 0.1
url:	http://www.cymru.com/documents/secure-bgp-template.html">http://www.cymru.com/documents/secure-bgp-template.html	Trust: 0.1
url:	http://www.cymru.com/documents/secure-bgp-template.html">	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc793.txt">	Trust: 0.1
url:	http://cve.mitre.org/cve">cve</a>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc2827.txt</a></td>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc3682.txt">	Trust: 0.1
url:	http://www.osvdb.org">open	Trust: 0.1
url:	http://www.uniras.gov.uk/vuls/2004/236929/index.htm">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</a><br>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc0793.txt">rfc	Trust: 0.1
url:	http://www.niscc.gov.uk/aboutniscc/index.htm">http://www.niscc.gov.uk/aboutniscc/index.htm</a><br>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc1323.txt</a></td>	Trust: 0.1
url:	http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf">	Trust: 0.1
url:	http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a></td>	Trust: 0.1
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=4030">4030</a>.<br>	Trust: 0.1
url:	http://www.qorbit.net/documents/junos-bgp-template.pdf">	Trust: 0.1
url:	http://www.niscc.gov.uk/images/newtitle.gif"	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc1323.txt">	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc3562.txt</a></td>	Trust: 0.1
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml</a></td>	Trust: 0.1
url:	http://www.cymru.com/documents/secure-bgp-template.html</a></td>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230">	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc3562.txt">	Trust: 0.1
url:	http://www.sans.org/y2k/egress.htm">http://www.sans.org/y2k/egress.htm</a>.<br>	Trust: 0.1
url:	http://www.sans.org/y2k/egress.htm</a></td>	Trust: 0.1
url:	http://www.niscc.gov.uk/bgp	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc2385.txt">	Trust: 0.1
url:	http://www.polycom.com/securitycenter</a>.</td>	Trust: 0.1
url:	http://www.cymru.com/documents/ip-stack-tuning.html</a></td>	Trust: 0.1
url:	http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf">http://www.niscc.gov.uk/bgp	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc1771.txt">	Trust: 0.1
url:	http://www.uniras.gov.uk/uniras.asc">http://www.uniras.gov.uk/uniras.asc</a>.<br>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230</a></td>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230">can-2004-0230</a>.<br>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc2385.txt">rfc	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc2385.txt</a></td>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc1323.txt">rfc	Trust: 0.1
url:	http://www.checkpoint.com/techsupport/alerts/tcp_dos.html">	Trust: 0.1
url:	http://www.seil.jp/en/ann/announce_en_20040421_01.txt</a>.</td>	Trust: 0.1
url:	http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt">	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc793.txt</a></td>	Trust: 0.1
url:	http://www.jpcert.or.jp">jpcert/cc</a>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc2827.txt">	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc2827.txt">rfc	Trust: 0.1
url:	http://www.iniche.com">www.iniche.com</a>	Trust: 0.1
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=4030</a></td>	Trust: 0.1
url:	http://www.seil.jp/en/ann/announce_en_20040421_01.txt">	Trust: 0.1
url:	http://www.qorbit.net/documents/junos-bgp-template.pdf</a></td>	Trust: 0.1
url:	http://www.sans.org/y2k/egress.htm">	Trust: 0.1
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=4030">	Trust: 0.1
url:	http://www.checkpoint.com/techsupport/alerts/tcp_dos.html</a>.</td>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc1771.txt</a></td>	Trust: 0.1
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml</a><br>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc3682.txt</a></td>	Trust: 0.1
url:	http://www.ietf.org/rfc/rfc3562.txt">rfc	Trust: 0.1
url:	http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt">http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a><br>	Trust: 0.1
url:	http://www.cymru.com/documents/ip-stack-tuning.html">	Trust: 0.1
url:	https://www.juniper.net/support">https://www.juniper.net/support</a>.	Trust: 0.1
url:	http://www.jpcert.or.jp/at/2004/at040003.txt">http://www.jpcert.or.jp/at/2004/at040003.txt</a>.</font></i><br>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230>	Trust: 0.1
url:	http://security.freebsd.org/>.	Trust: 0.1
url:	http://www.freebsd.org/handbook/kernelconfig.html>	Trust: 0.1
url:	http://security.freebsd.org/patches/sa-14:19/tcp.patch	Trust: 0.1
url:	http://security.freebsd.org/patches/sa-14:19/tcp.patch.asc	Trust: 0.1
url:	http://security.freebsd.org/advisories/freebsd-sa-14:19.tcp.asc>	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-0230	Trust: 0.1
url:	http://svnweb.freebsd.org/base?view=revision&revision=nnnnnn>	Trust: 0.1

CREDITS

Discovery is credited to Paul A. Watson.

Trust: 0.3

sources: BID: 10183

SOURCES

db:	CERT/CC	id:	VU#415294
db:	VULHUB	id:	VHN-8660
db:	VULMON	id:	CVE-2004-0230
db:	BID	id:	10183
db:	JVNDB	id:	JVNDB-2004-000150
db:	PACKETSTORM	id:	37558
db:	PACKETSTORM	id:	33143
db:	PACKETSTORM	id:	33160
db:	PACKETSTORM	id:	33159
db:	PACKETSTORM	id:	33152
db:	PACKETSTORM	id:	128284
db:	CNNVD	id:	CNNVD-200408-159
db:	NVD	id:	CVE-2004-0230

LAST UPDATE DATE

2024-05-15T21:16:14.609000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#415294	date:	2006-05-01T00:00:00
db:	VULHUB	id:	VHN-8660	date:	2018-10-19T00:00:00
db:	VULMON	id:	CVE-2004-0230	date:	2018-10-19T00:00:00
db:	BID	id:	10183	date:	2015-08-12T22:24:00
db:	JVNDB	id:	JVNDB-2004-000150	date:	2015-01-22T00:00:00
db:	CNNVD	id:	CNNVD-200408-159	date:	2020-05-21T00:00:00
db:	NVD	id:	CVE-2004-0230	date:	2018-10-19T15:30:05.173

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#415294	date:	2004-04-20T00:00:00
db:	VULHUB	id:	VHN-8660	date:	2004-08-18T00:00:00
db:	VULMON	id:	CVE-2004-0230	date:	2004-08-18T00:00:00
db:	BID	id:	10183	date:	2004-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2004-000150	date:	2007-04-01T00:00:00
db:	PACKETSTORM	id:	37558	date:	2005-05-29T20:22:44
db:	PACKETSTORM	id:	33143	date:	2004-04-23T05:59:41
db:	PACKETSTORM	id:	33160	date:	2004-04-22T07:16:00
db:	PACKETSTORM	id:	33159	date:	2004-04-22T07:14:00
db:	PACKETSTORM	id:	33152	date:	2004-04-22T02:04:00
db:	PACKETSTORM	id:	128284	date:	2014-09-17T15:58:15
db:	CNNVD	id:	CNNVD-200408-159	date:	2004-08-18T00:00:00
db:	NVD	id:	CVE-2004-0230	date:	2004-08-18T04:00:00