ID
VAR-200911-0398
CVE
CVE-2009-3555
TITLE
SSL and TLS protocols renegotiation vulnerability
Trust: 0.8
DESCRIPTION
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. According to the Network Working Group:The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data.This issue affects SSL version 3.0 and newer and TLS version 1.0 and newer. Corrected: 2009-12-03 09:18:40 UTC (RELENG_8, 8.0-STABLE) 2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1) 2009-12-03 09:18:40 UTC (RELENG_7, 7.2-STABLE) 2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5) 2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9) 2009-12-03 09:18:40 UTC (RELENG_6, 6.4-STABLE) 2009-12-03 09:18:40 UTC (RELENG_6_4, 6.4-RELEASE-p8) 2009-12-03 09:18:40 UTC (RELENG_6_3, 6.3-RELEASE-p14) CVE Name: CVE-2009-3555 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. Background The SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols provide a secure communications layer over which other protocols can be utilized. The most widespread use of SSL/TLS is to add security to the HTTP protocol, thus producing HTTPS. FreeBSD includes software from the OpenSSL Project which implements SSL and TLS. II. Problem Description The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters. III. Impact An attacker who can intercept a TCP connection being used for SSL or TLS can cause the initial session negotiation to take the place of a session renegotiation. This can be exploited in several ways, including: * Causing a server to interpret incoming messages as having been sent under the auspices of a client SSL key when in fact they were not; * Causing a client request to be appended to an attacker-supplied request, potentially revealing to the attacker the contents of the client request (including any authentication parameters); and * Causing a client to receive a response to an attacker-supplied request instead of a response to the request sent by the client. IV. Workaround No workaround is available. Solution NOTE WELL: This update causes OpenSSL to reject any attempt to renegotiate SSL / TLS session parameters. As a result, connections in which the other party attempts to renegotiate session parameters will break. In practice, however, session renegotiation is a rarely-used feature, so disabling this functionality is unlikely to cause problems for most systems. Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE, 7-STABLE, or 8-STABLE, or to the RELENG_8_0, RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.1, 7.2, and 8.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-09:15/ssl.patch # fetch http://security.FreeBSD.org/patches/SA-09:15/ssl.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/secure/lib/libcrypto # make obj && make depend && make includes && make && make install NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in <URL:http://www.FreeBSD.org/handbook/makeworld.html> VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.10.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.3 src/crypto/openssl/ssl/s3_lib.c 1.1.1.10.2.1 RELENG_6_4 src/UPDATING 1.416.2.40.2.12 src/sys/conf/newvers.sh 1.69.2.18.2.14 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.10.12.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.1.6.2 src/crypto/openssl/ssl/s3_lib.c 1.1.1.10.12.1 RELENG_6_3 src/UPDATING 1.416.2.37.2.19 src/sys/conf/newvers.sh 1.69.2.15.2.18 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.10.10.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.1.4.2 src/crypto/openssl/ssl/s3_lib.c 1.1.1.10.10.1 RELENG_7 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.12.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.2.2 src/crypto/openssl/ssl/s3_lib.c 1.1.1.13.2.1 RELENG_7_2 src/UPDATING 1.507.2.23.2.8 src/sys/conf/newvers.sh 1.72.2.11.2.9 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.12.8.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.2.1.2.1 src/crypto/openssl/ssl/s3_lib.c 1.1.1.13.8.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.12 src/sys/conf/newvers.sh 1.72.2.9.2.13 src/crypto/openssl/ssl/s3_pkt.c 1.1.1.12.6.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.6.2 src/crypto/openssl/ssl/s3_lib.c 1.1.1.13.6.1 RELENG_8 src/crypto/openssl/ssl/s3_pkt.c 1.2.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.3.2.1 src/crypto/openssl/ssl/s3_lib.c 1.2.2.1 RELENG_8_0 src/UPDATING 1.632.2.7.2.4 src/sys/conf/newvers.sh 1.83.2.6.2.4 src/crypto/openssl/ssl/s3_pkt.c 1.2.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.3.4.1 src/crypto/openssl/ssl/s3_lib.c 1.2.4.1 - ------------------------------------------------------------------------- Subversion: Branch/path Revision - ------------------------------------------------------------------------- stable/6/ r200054 releng/6.4/ r200054 releng/6.3/ r200054 stable/7/ r200054 releng/7.2/ r200054 releng/7.1/ r200054 - ------------------------------------------------------------------------- VII. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial-of-service attack. Note that this update introduces an OpenJDK package based on the IcedTea release 1.8.3 into the old stable distribution. This addresses several dozen security vulnerabilities, most of which are only exploitable by malicious mobile code. A notable exception is CVE-2009-3555, the TLS renegotiation vulnerability. This update implements the protocol extension described in RFC 5746, addressing this issue. This update also includes a new version of Hotspot, the Java virtual machine, which increases the default heap size on machines with several GB of RAM. If you run several JVMs on the same machine, you might have to reduce the heap size by specifying a suitable -Xmx argument in the invocation of the "java" command. Background The run-time link-editor, rtld, links dynamic executable with their needed libraries at run-time. It also allows users to explicitly load libraries via various LD_ environmental variables. Problem Description When running setuid programs rtld will normally remove potentially dangerous environment variables. Due to recent changes in FreeBSD environment variable handling code, a corrupt environment may result in attempts to unset environment variables failing. Impact An unprivileged user who can execute programs on a system can gain the privileges of any setuid program which he can run. On most systems configurations, this will allow a local attacker to execute code as the root user. Workaround No workaround is available, but systems without untrusted local users, where all the untrusted local users are jailed superusers, and/or where untrusted users cannot execute arbitrary code (e.g., due to use of read only and noexec mount options) are not affected. Note that "untrusted local users" include users with the ability to upload and execute web scripts (CGI, PHP, Python, Perl etc.), as they may be able to exploit this issue. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. CVE-2009-3555 Marsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS and SSLv3 protocols do not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions. This issue is solved in lighttpd by disabling client initiated renegotiation by default. Those users that do actually need such renegotiations, can reenable them via the new 'ssl.disable-client-renegotiation' parameter. CVE-2012-4929 Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed 'CRIME', allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update disables compression. For the stable distribution (squeeze), these problems have been fixed in version 1.4.28-2+squeeze1.2. For the testing distribution (wheezy), and the unstable distribution (sid) these problems have been fixed in version 1.4.30-1. We recommend that you upgrade your lighttpd packages. Service (DoS) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01963123 Version: 1 HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2009-12-21 Last Updated: 2009-12-21 Potential Security Impact: Remote unauthorized data injection, Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS). References: CVE-2009-3555 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.12 and previous. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following temporary software updates to resolve the vulnerability. NOTE: The vulnerability is resolved in OpenSSL 0.9.8l. HP-UX Apache v2.0.59.X versions use statically linked libraries. HP-UX Apache v2.0.59.13 is compiled with OpenSSL 0.9.8l. Other versions of HP-UX Apache require the HP-UX OpenSSL packages recommended in HPSBUX02482 SSRT090249, available here http://www.itrc.hp.com/service/cki/secBullArchive.do To review previously published Security Bulletins visit http://www.itrc.hp.com/service/cki/secBullArchive.do The depots are available are available using ftp. Host / Account / Password ftp.usa.hp.com / sb02498 / Secure12 HP-UX Release / Temporary Depot name / SHA-1 Sum B.11.11 (IPv4 and IPv6) / Apache 2.0.59.13 PA-64-32-1111.depot / 3B6BE547403C28926482192408D5D5AB603A403D B.11.23 PA-32 / Apache 2.0.59.13 IA-PA-32-1123.depot / 4809BAF0F83F78F60B7EC73FAF584D221B1CB4A7 B.11.23 IA-64 / Apache 2.0.59.13 IA-PA-64-1123.depot / 1D65F7D49883399F4D202E16754CF7DAE71E3B47 B.11.31 PA-32 / Apache 2.0.59.13 IA-PA-32-1131.depot / 943E21D4621B480B5E8E651ACB605B8F7EA47304 B.11.31 IA-64 / Apache 2.0.59.13 IA-PA-64-1131.depot / B8836FDB73434A3C26FB411E3F7CB3211129E5AC MANUAL ACTIONS: Yes Install Apache v2.0.59.13 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS For Apache IPv4 and IPv6 HP-UX B.11.11 ============= hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.13 or subsequent HP-UX B.11.23 ============= hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.13 or subsequent HP-UX B.11.31 ============= hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.13 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 21 December 2009 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution. Background ========== IcedTea is a distribution of the Java OpenJDK source code built with free build tools. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3 Description =========== Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details. Resolution ========== All IcedTea JDK users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3" References ========== [ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201406-32.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Since many changes had occurred on the 0.9.8 branch without a public release it was decided to release 0.9.8l based on the last publicly tested release version 0.9.8k. He can then send arbitrary data and trigger a renegotiation using the client's original connection data. From the server's point of view the client simply connected, sent data, renegotiated and continued. From the client's point of view he connects to the server normally. There is no indication at the SSL level that the attack occurred. There may be indications at the level of the protocol layered on top of SSL, for example, unexpected or pipelined responses. This attack can also be performed when the server requests a renegotiation - in this variant, the MitM would wait for the server's renegotiation request and at that point replay the clients original connection data. Once the original client connection data has been replayed, the MitM can no longer inject data, nor can he read the traffic over the SSL connection in either direction. Because of the nature of the attack, this is only an effective defence when deployed on servers. Upgraded clients will still be vulnerable. Servers that need renegotiation to function correctly obviously cannot deploy this fix without breakage. Severity ======== Because of the enormous difficulty of analysing every possible attack on every protocol that is layered on SSL, the OpenSSL Team classify this as a severe issue and recommend that everyone who does not rely on renegotiation deploy 0.9.8l as soon as possible. History ======= A small number of people knew about the problem in advance under NDA and a comprehensive fix was being developed. Unfortunately the issue was independently discovered and the details made public so a less than ideal brute force emergency fix had to be developed and released. We are working on incorporating this into 0.9.8m, which will also incorporate a number of other security and bug fixes. Because renegotiation is, in practice, rarely used we will not be rushing the production of 0.9.8m, but will instead test interoperability with other implementations, and ensure the stability of the other fixes before release. Acknowledgements ================ Thanks to Marsh Ray, who discovered the issue, and Steve Dispensa of PhoneFactor. Also thanks to ICASI who managed the early coordination of this issue. References =========== CVE-2009-3555: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 TLS extension: https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt URL for this Security Advisory: https://www.openssl.org/news/secadv_20091111.txt . Additionally the NSPR package has been upgraded to 4.8.4 that brings numerous upstream fixes. This update provides the latest versions of NSS and NSPR libraries and for which NSS is not vulnerable to this attack. The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number (CVE-2010-0731). HP System Management Homepage v6.2 or subsequent for Linux (x86), Linux (AMD64/EM64T), and Windows can be downloaded from the following link. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0003 Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-02-10 Updated on: 2011-02-10 (initial release of advisory) CVE numbers: --- Apache Tomcat --- CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2010-2227 CVE-2010-1157 --- Apache Tomcat Manager --- CVE-2010-2928 --- cURL --- CVE-2010-0734 --- COS Kernel --- CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0307 CVE-2010-1086 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1173 CVE-2010-1437 CVE-2010-1088 CVE-2010-1187 CVE-2010-1436 CVE-2010-1641 CVE-2010-3081 --- Microsoft SQL Express --- CVE-2008-5416 CVE-2008-0085 CVE-2008-0086 CVE-2008-0107 CVE-2008-0106 --- OpenSSL --- CVE-2010-0740 CVE-2010-0433 CVE-2010-3864 CVE-2010-2939 --- Oracle (Sun) JRE --- CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-3556 CVE-2010-3566 CVE-2010-3567 CVE-2010-3550 CVE-2010-3561 CVE-2010-3573 CVE-2010-3565 CVE-2010-3568 CVE-2010-3569 CVE-2010-1321 CVE-2010-3548 CVE-2010-3551 CVE-2010-3562 CVE-2010-3571 CVE-2010-3554 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3574 --- pam_krb5 --- CVE-2008-3825 CVE-2009-1384 - ------------------------------------------------------------------------ 1. Summary Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues. 2. Relevant releases vCenter Server 4.1 without Update 1, vCenter Update Manager 4.1 without Update 1, ESXi 4.1 without patch ESXi410-201101201-SG, ESX 4.1 without patch ESX410-201101201-SG. 3. Problem Description a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * Hosted products are VMware Workstation, Player, ACE, Fusion. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not affected VirtualCenter 2.5 Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not applicable ** VirtualCenter 2.5 Windows not applicable ** Update Manager 4.1 Windows not applicable ** Update Manager 4.0 Windows not applicable ** Update Manager 1.0 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not applicable ** ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows not applicable ** vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX not applicable ** ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, no patch planned ESX 3.0.3 ESX affected, no patch planned * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Apache Tomcat 5.5 family f. vCenter Server third party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned hosted * any any not applicable ESXi any ESXi not applicable ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. g. ESX third party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending * hosted products are VMware Workstation, Player, ACE, Fusion. h. ESXi third party component cURL updated The version of cURL library in ESXi is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. i. ESX third party component pam_krb5 updated The version of pam_krb5 library is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. j. ESX third party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update. Note: This update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware vCenter Server 4.1 Update 1 and modules ---------------------------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html File type: .iso md5sum: 729cf247aa5d33ceec431c86377eee1a sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0 File type: .zip md5sum: fd1441bef48a153f2807f6823790e2f0 sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19 VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi 4.1 Installable Update 1 ----------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html http://kb.vmware.com/kb/1027919 File type: .iso MD5SUM: d68d6c2e040a87cd04cd18c04c22c998 SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1) File type: .zip MD5SUM: 2f1e009c046b20042fae3b7ca42a840f SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0) File type: .zip MD5SUM: 67b924618d196dafaf268a7691bd1a0f SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5) File type: .zip MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4 SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 VMware Tools CD image for Linux Guest OSes File type: .iso MD5SUM: dad66fa8ece1dd121c302f45444daa70 SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi Installable Update 1 contains the following security bulletins: ESXi410-201101201-SG. ESX 4.1 Update 1 ---------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html http://kb.vmware.com/kb/1029353 ESX 4.1 Update 1 (DVD ISO) File type: .iso md5sum: b9a275b419a20c7bedf31c0bf64f504e sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1) File type: .zip md5sum: 2d81a87e994aa2b329036f11d90b4c14 sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1 File type: .zip md5sum: 75f8cebfd55d8a81deb57c27def963c2 sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0) File type: .zip md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2 sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 VMware Tools CD image for Linux Guest OSes File type: .iso md5sum: dad66fa8ece1dd121c302f45444daa70 sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESX410-Update01 contains the following security bulletins: ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL, Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904 ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330 ESX410-Update01 also contains the following non-security bulletins ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG, ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG, ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG, ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG, ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG, ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG. To install an individual bulletin use esxupdate with the -b option. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574 - ------------------------------------------------------------------------ 6. Change log 2011-02-10 VMSA-2011-0003 Initial security advisory in conjunction with the release of vCenter Server 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1 Update 1, and ESX 4.1 Update 1 on 2011-02-10. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2011 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9 dxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX =2pVj -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ---------------------------------------------------------------------- http://secunia.com/research/ http://secunia.com/company/jobs/open_positions/reverse_engineer ---------------------------------------------------------------------- TITLE: Oracle WebLogic Server OpenSSL Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA44292 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44292/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44292 RELEASE DATE: 2011-04-24 DISCUSS ADVISORY: http://secunia.com/advisories/44292/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44292/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44292 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Weblogic Server, which can be exploited by malicious people to manipulate certain data. SOLUTION: Apply updates (please see the vendor's advisory for details). ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#AppendixAS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:084 http://www.mandriva.com/security/ _______________________________________________________________________ Package : java-1.6.0-openjdk Date : April 28, 2010 Affected: 2009.0, 2009.1, 2010.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple Java OpenJDK security vulnerabilities has been identified and fixed: - TLS: MITM attacks via session renegotiation (CVE-2009-3555). - Loader-constraint table allows arrays instead of only the b ase-classes (CVE-2010-0082). - Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084). - File TOCTOU deserialization vulnerability (CVE-2010-0085). - Inflater/Deflater clone issues (CVE-2010-0088). - Unsigned applet can retrieve the dragged information before drop action occurs (CVE-2010-0091). - AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (CVE-2010-0092). - System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (CVE-2010-0093). - Deserialization of RMIConnectionImpl objects should enforce stricter checks (CVE-2010-0094). - Subclasses of InetAddress may incorrectly interpret network addresses (CVE-2010-0095). - JAR unpack200 must verify input parameters (CVE-2010-0837). - CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838). - Applet Trusted Methods Chaining Privilege Escalation Vulner ability (CVE-2010-0840). - No ClassCastException for HashAttributeSet constructors if run with -Xcomp (CVE-2010-0845) - ImagingLib arbitrary code execution vulnerability (CVE-2010-0847). - AWT Library Invalid Index Vulnerability (CVE-2010-0848). Additional security issues that was fixed with IcedTea6 1.6.2: - deprecate MD2 in SSL cert validation (CVE-2009-2409). - ICC_Profile file existence detection information leak (CVE-2009-3728). - JRE AWT setDifflCM stack overflow (CVE-2009-3869). - JRE AWT setBytePixels heap overflow (CVE-2009-3871). - JPEG Image Writer quantization problem (CVE-2009-3873). - ImageI/O JPEG heap overflow (CVE-2009-3874). - MessageDigest.isEqual introduces timing attack vulnerabilities (CVE-2009-3875). - OpenJDK ASN.1/DER input stream parser denial of service (CVE-2009-3876, CVE-2009-3877) - GraphicsConfiguration information leak (CVE-2009-3879). - UI logging information leakage (CVE-2009-3880). - resurrected classloaders can still have children (CVE-2009-3881). - Numerous static security flaws in Swing (findbugs) (CVE-2009-3882). - Mutable statics in Windows PL&F (findbugs) (CVE-2009-3883). - zoneinfo file existence information leak (CVE-2009-3884). - BMP parsing DoS with UNC ICC links (CVE-2009-3885). Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found and fixed a bug in IcedTea6 1.8 that is also applied to the provided packages: * plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment): Increment malloc size by one to account for NULL terminator. Bug# 474. Packages for 2009.0 are provided due to the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938 http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 37c14ebea4b3ceccbecba4ffea2630a6 2009.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 3f7ba1d78aaf5f1ca56e86fcb48e7192 2009.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 12963efa8b4ea6691ba68f4e72e81e5d 2009.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 6387d4381c518c5658701c114c5fcb9d 2009.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.i586.rpm f90d2a22c10b6eb30aedef13207d346c 2009.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 01e62b54974a3d1b5232de0baa196e41 2009.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 630941e679a033285ddf5cb3e4c1d092 2009.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 6330c6dda9cf7c59a90f529bceeee17b 2009.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm c7d708c5f14d710a6bdcc352bb18a55a 2009.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm edf4b1d8efeb157bb0f19b4c4cc55935 2009.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm ac9f8227297249940b1845f3ad95165f 2009.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm d1ed0ce1155c85c423d0cbe47eadfa5b 2009.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.1: 304bc2cab18b29781bfac69d4927ddce 2009.1/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 77f0d2e2b2c04288a5aae608a2f73f1a 2009.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 7ff7542b4328fd978725f8e0b02590d9 2009.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 3d1bf214209ea3aef86b58962e80901e 2009.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.i586.rpm f52cf5f8d3f85b98da246963d583f6bc 2009.1/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 87b2fd7ac9883e624e71faa993559e78 2009.1/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 883105d4347bb0864c7c73e4f0865066 2009.1/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm ac44d41806625e0be7a55ff30bf1f0e7 2009.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67db7247fbf1b5be5391f33603b9148c 2009.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0b6e7a93df49306976453daf29a29d96 2009.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67e679d7aa4545a968889dcbb1a3fa8e 2009.1/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 4042e3ae7e3b2dbdcba0e73aadd219d5 2009.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2010.0: f3c1bb7b091d5889a856edf93e066367 2010.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 7f717091a34f98e9547c698bf08065f5 2010.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 21b8532c934559100b0dbc498ba3c52e 2010.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 8711fdef27cce9af73191903f85dbcd6 2010.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 1905269f878bb1c6367dedc6797f6914 2010.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.i586.rpm c5f53d24770de6704f00fdf34c87a703 2010.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.i586.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 100203d38e76348f262d69d2cae8a7ba 2010.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm f155019a4a22d7bf7265c67024dcbc33 2010.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 8eaf304d6eb93212d1045adc301de385 2010.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 2e2082bd89db22cf5fa4be2ebaceb71c 2010.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 3e7a1849db88a8b8ddcdf30441edfcb7 2010.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm fbc9da5e2080972f6f8c01f23e86890f 2010.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Enterprise Server 5: 742a7a6dcc82962a132eadb91a2b1736 mes5/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 3acd32ccd1fee71f07ccb4b038434ffd mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm c3358ac84dbc950752655fee46fd5e4b mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm a30ef6b33fd9ba1403ab46ef9643efdb mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 534f95a18c4798ec80cdfe47bd1148a8 mes5/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm e79e4bd9462096222f5b07d681b3d418 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: 180566f92a5564c747c716ecdf082c8f mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 5e05d90fe32dfce7b15db7d9e5604227 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 09506c689ed0265023861e006fbcb624 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm c9ff4a3a4695c56b13268d76c355cfbe mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0a70a54c2eed68e723cbc65de63bfbff mes5/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 166c980a8479cd915f3507070c25508e mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFL1/vUmqjQ0CJFipgRAlcyAJ9+2v53cztdo8nXoixp0vg0IuQjrACbB/vW +oOtru3I2iYRjlx04fi7wMw= =rIwa -----END PGP SIGNATURE-----
Trust: 3.15
AFFECTED PRODUCTS
| vendor: | debian | model: | linux | scope: | eq | version: | 6.0 | Trust: 1.0 |
| vendor: | f5 | model: | nginx | scope: | gte | version: | 0.1.0 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 9.04 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 5.0 | Trust: 1.0 |
| vendor: | f5 | model: | nginx | scope: | lte | version: | 0.8.22 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 7.0 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 8.04 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 10.04 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 8.0 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 12 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 9.10 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 10.10 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 4.0 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 11 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 8.10 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 14 | Trust: 1.0 |
| vendor: | mozilla | model: | nss | scope: | lte | version: | 3.12.4 | Trust: 1.0 |
| vendor: | gnu | model: | gnutls | scope: | lte | version: | 2.8.5 | Trust: 1.0 |
| vendor: | openssl | model: | openssl | scope: | eq | version: | 1.0 | Trust: 1.0 |
| vendor: | openssl | model: | openssl | scope: | lte | version: | 0.9.8k | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 13 | Trust: 1.0 |
| vendor: | apache | model: | http server | scope: | lte | version: | 2.2.14 | Trust: 1.0 |
| vendor: | barracuda | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | debian gnu linux | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | gnutls | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | hewlett packard | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | ibm | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | mcafee | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | sun microsystems | model: | - | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-295 | Trust: 1.1 |
| problemtype: | CWE-310 | Trust: 0.1 |
THREAT TYPE
remote
Trust: 0.2
TYPE
overflow
Trust: 0.1
EXPLOIT AVAILABILITY
PATCH
| title: | Red Hat: Moderate: gnutls security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100167 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Moderate: httpd and httpd22 security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100011 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Moderate: java-1.4.2-ibm security and bug fix update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100155 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Moderate: openssl097a security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100164 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Moderate: nss security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100165 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Moderate: gnutls security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100166 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Important: openssl security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100162 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Moderate: openssl security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100163 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Low: JBoss Enterprise Web Server 1.0.1 update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100119 - Security Advisory | Trust: 0.1 |
| title: | Ubuntu Security Notice: nss vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-927-6 | Trust: 0.1 |
| title: | Ubuntu Security Notice: apache2 vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-990-2 | Trust: 0.1 |
| title: | Ubuntu Security Notice: nss vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-927-1 | Trust: 0.1 |
| title: | Ubuntu Security Notice: openssl vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-990-1 | Trust: 0.1 |
| title: | Ubuntu Security Notice: nss vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-927-4 | Trust: 0.1 |
| title: | Cisco: Transport Layer Security Renegotiation Vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20091109-tls | Trust: 0.1 |
| title: | Ubuntu Security Notice: apache2 vulnerabilities | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-860-1 | Trust: 0.1 |
| title: | Red Hat: Moderate: java-1.5.0-ibm security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100130 - Security Advisory | Trust: 0.1 |
| title: | Cisco: Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20091105-CVE-2009-3555 | Trust: 0.1 |
| title: | Debian CVElist Bug Report Logs: "slowloris" denial-of-service vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5ed45f95901af77f1f752912d098b48e | Trust: 0.1 |
| title: | Debian Security Advisories: DSA-2141-1 openssl -- SSL/TLS insecure renegotiation protocol design flaw | url: | https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=1c00cc4c6dbe7bb057db61e10ff97d6d | Trust: 0.1 |
| title: | Debian Security Advisories: DSA-2626-1 lighttpd -- several issues | url: | https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=885d01db2c0276e75192acacb224a6e8 | Trust: 0.1 |
| title: | Debian CVElist Bug Report Logs: Not possible to disable SSLv3 | url: | https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=cd46735759deed658e1e15bd89794f91 | Trust: 0.1 |
| title: | Debian Security Advisories: DSA-1934-1 apache2 -- multiple issues | url: | https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a5a134c3483f034e2df5ced5ad7428ec | Trust: 0.1 |
| title: | Debian Security Advisories: DSA-3253-1 pound -- security update | url: | https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ad76a2fc91623114f1aaa478b7ecbe12 | Trust: 0.1 |
| title: | Debian CVElist Bug Report Logs: polarssl: CVE-2013-4623: Denial of Service through Certificate message during handshake | url: | https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=48a9651e9438ab2ad49c32956a8040ab | Trust: 0.1 |
| title: | Mozilla: Mozilla Foundation Security Advisory 2010-22 | url: | https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories&qid=2010-22 | Trust: 0.1 |
| title: | Debian CVElist Bug Report Logs: polarssl: CVE-2013-5914 CVE-2013-5915 | url: | https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=3ea56f82629f8bb9aeeedb7aa86eb416 | Trust: 0.1 |
| title: | Symantec Security Advisories: SA44 : TLS/SSLv3 renegotiation (CVE-2009-3555) | url: | https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=92adf6d8db72928bb63961cc8473a936 | Trust: 0.1 |
| title: | Red Hat: Critical: java-1.4.2-ibm security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100786 - Security Advisory | Trust: 0.1 |
| title: | Debian CVElist Bug Report Logs: polarssl: CVE-2009-3555 | url: | https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=d154eb6a1f821c737dadd179519e99ce | Trust: 0.1 |
| title: | Red Hat: Important: java-1.6.0-openjdk security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100339 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Important: java-1.6.0-openjdk security and bug fix update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100768 - Security Advisory | Trust: 0.1 |
| title: | Citrix Security Bulletins: Transport Layer Security Renegotiation Vulnerability | url: | https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=d26786915d99808385e93927bb7516fd | Trust: 0.1 |
| title: | Citrix Security Bulletins: Vulnerability in Citrix Online Plug-ins and ICA Clients Could Result in SSL/TLS Certificate Spoofing | url: | https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=8a0ec21ac35be2b30e769ff0af90fa26 | Trust: 0.1 |
| title: | Red Hat: Critical: java-1.5.0-sun security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100338 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Critical: java-1.6.0-sun security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100337 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Critical: java-1.6.0-ibm security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20091694 - Security Advisory | Trust: 0.1 |
| title: | Red Hat: Critical: java-1.6.0-sun security update | url: | https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20100770 - Security Advisory | Trust: 0.1 |
| title: | VMware Security Advisories: VMware ESX third party updates for Service Console | url: | https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=d7005a2e6744b7e4f77d0105454de35d | Trust: 0.1 |
| title: | Ubuntu Security Notice: openjdk-6 vulnerabilities | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-923-1 | Trust: 0.1 |
| title: | VMware Security Advisories: VMware ESX third party updates for Service Console | url: | https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=d8e6425b0cb8b545dc1e50945dafb2c0 | Trust: 0.1 |
| title: | Ubuntu Security Notice: openjdk-6, openjdk-6b18 vulnerabilities | url: | https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1010-1 | Trust: 0.1 |
| title: | Symantec Security Advisories: SA50 : Multiple SSL/TLS vulnerabilities in Reporter | url: | https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=1e934b8269c86666c1ebc108ca0e3d35 | Trust: 0.1 |
| title: | Symantec Security Advisories: SA61 : Director multiple Apache vulnerabilities | url: | https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=508649a9a651b4fb32a5cc0f1310d652 | Trust: 0.1 |
| title: | VMware Security Advisories: | url: | https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=ea953b0a91a1816979ec1d304d5e3d93 | Trust: 0.1 |
| title: | DPSSLClientProfile | url: | https://github.com/ADesprets/DPSSLClientProfile | Trust: 0.1 |
| title: | letsencrypt-lighttpd | url: | https://github.com/galeone/letsencrypt-lighttpd | Trust: 0.1 |
| title: | igrill-smoker | url: | https://github.com/kins-dev/igrill-smoker | Trust: 0.1 |
| title: | hanase | url: | https://github.com/ekiojp/hanase | Trust: 0.1 |
| title: | CVE-HOWTO | url: | https://github.com/RedHatProductSecurity/CVE-HOWTO | Trust: 0.1 |
| title: | pulse-secure-vpn-mitm-research | url: | https://github.com/withdk/pulse-secure-vpn-mitm-research | Trust: 0.1 |
| title: | pulse-secure-vpn-mitm-research | url: | https://github.com/withdk/pulse-secure-mitm-research | Trust: 0.1 |
| title: | ReconScan | url: | https://github.com/GiJ03/ReconScan | Trust: 0.1 |
| title: | ReconScan | url: | https://github.com/RoliSoft/ReconScan | Trust: 0.1 |
| title: | test | url: | https://github.com/issdp/test | Trust: 0.1 |
| title: | ReconScan | url: | https://github.com/kira1111/ReconScan | Trust: 0.1 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2009-3555 | Trust: 3.4 |
| db: | CERT/CC | id: | VU#120541 | Trust: 2.0 |
| db: | SECUNIA | id: | 38781 | Trust: 1.1 |
| db: | SECUNIA | id: | 42377 | Trust: 1.1 |
| db: | SECUNIA | id: | 37501 | Trust: 1.1 |
| db: | SECUNIA | id: | 39632 | Trust: 1.1 |
| db: | SECUNIA | id: | 37604 | Trust: 1.1 |
| db: | SECUNIA | id: | 41972 | Trust: 1.1 |
| db: | SECUNIA | id: | 43308 | Trust: 1.1 |
| db: | SECUNIA | id: | 38241 | Trust: 1.1 |
| db: | SECUNIA | id: | 37859 | Trust: 1.1 |
| db: | SECUNIA | id: | 40070 | Trust: 1.1 |
| db: | SECUNIA | id: | 41818 | Trust: 1.1 |
| db: | SECUNIA | id: | 39292 | Trust: 1.1 |
| db: | SECUNIA | id: | 42816 | Trust: 1.1 |
| db: | SECUNIA | id: | 42379 | Trust: 1.1 |
| db: | SECUNIA | id: | 39317 | Trust: 1.1 |
| db: | SECUNIA | id: | 38020 | Trust: 1.1 |
| db: | SECUNIA | id: | 42467 | Trust: 1.1 |
| db: | SECUNIA | id: | 37320 | Trust: 1.1 |
| db: | SECUNIA | id: | 37640 | Trust: 1.1 |
| db: | SECUNIA | id: | 37656 | Trust: 1.1 |
| db: | SECUNIA | id: | 37383 | Trust: 1.1 |
| db: | SECUNIA | id: | 42724 | Trust: 1.1 |
| db: | SECUNIA | id: | 38003 | Trust: 1.1 |
| db: | SECUNIA | id: | 44183 | Trust: 1.1 |
| db: | SECUNIA | id: | 42733 | Trust: 1.1 |
| db: | SECUNIA | id: | 38484 | Trust: 1.1 |
| db: | SECUNIA | id: | 40545 | Trust: 1.1 |
| db: | SECUNIA | id: | 40866 | Trust: 1.1 |
| db: | SECUNIA | id: | 39242 | Trust: 1.1 |
| db: | SECUNIA | id: | 38056 | Trust: 1.1 |
| db: | SECUNIA | id: | 39278 | Trust: 1.1 |
| db: | SECUNIA | id: | 39243 | Trust: 1.1 |
| db: | SECUNIA | id: | 42808 | Trust: 1.1 |
| db: | SECUNIA | id: | 37675 | Trust: 1.1 |
| db: | SECUNIA | id: | 39127 | Trust: 1.1 |
| db: | SECUNIA | id: | 39461 | Trust: 1.1 |
| db: | SECUNIA | id: | 39819 | Trust: 1.1 |
| db: | SECUNIA | id: | 37453 | Trust: 1.1 |
| db: | SECUNIA | id: | 40747 | Trust: 1.1 |
| db: | SECUNIA | id: | 41490 | Trust: 1.1 |
| db: | SECUNIA | id: | 39628 | Trust: 1.1 |
| db: | SECUNIA | id: | 44954 | Trust: 1.1 |
| db: | SECUNIA | id: | 39500 | Trust: 1.1 |
| db: | SECUNIA | id: | 48577 | Trust: 1.1 |
| db: | SECUNIA | id: | 42811 | Trust: 1.1 |
| db: | SECUNIA | id: | 37291 | Trust: 1.1 |
| db: | SECUNIA | id: | 41480 | Trust: 1.1 |
| db: | SECUNIA | id: | 37292 | Trust: 1.1 |
| db: | SECUNIA | id: | 37399 | Trust: 1.1 |
| db: | SECUNIA | id: | 39713 | Trust: 1.1 |
| db: | SECUNIA | id: | 38687 | Trust: 1.1 |
| db: | SECUNIA | id: | 37504 | Trust: 1.1 |
| db: | SECUNIA | id: | 39136 | Trust: 1.1 |
| db: | SECUNIA | id: | 41967 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023217 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023273 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023274 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023206 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023272 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023427 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023218 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023163 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023214 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023211 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023219 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023216 | Trust: 1.1 |
| db: | SECTRACK | id: | 1024789 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023148 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023213 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023271 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023243 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023209 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023215 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023208 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023411 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023204 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023224 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023210 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023207 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023426 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023428 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023205 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023275 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023270 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023212 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-2745 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3353 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-3069 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0086 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3354 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3484 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1793 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3310 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0982 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2011-0033 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3220 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-2010 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1639 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1107 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-3126 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0916 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3164 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2011-0032 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2011-0086 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3313 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0748 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1350 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3521 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0994 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-3086 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1191 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0173 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3587 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0933 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3205 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1054 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0848 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1673 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3165 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/05/3 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/07/3 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/23/10 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/05/5 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/20/1 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/06/3 | Trust: 1.1 |
| db: | OSVDB | id: | 65202 | Trust: 1.1 |
| db: | OSVDB | id: | 62210 | Trust: 1.1 |
| db: | OSVDB | id: | 60521 | Trust: 1.1 |
| db: | OSVDB | id: | 60972 | Trust: 1.1 |
| db: | HITACHI | id: | HS10-030 | Trust: 1.1 |
| db: | USCERT | id: | TA10-222A | Trust: 1.1 |
| db: | USCERT | id: | TA10-287A | Trust: 1.1 |
| db: | BID | id: | 36935 | Trust: 1.1 |
| db: | PACKETSTORM | id: | 120365 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 83415 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 83414 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 88167 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 137201 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 89136 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 88698 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 127267 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 84183 | Trust: 0.2 |
| db: | EXPLOIT-DB | id: | 10071 | Trust: 0.1 |
| db: | EXPLOIT-DB | id: | 10579 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82657 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82770 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 130868 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 83271 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 90262 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 88173 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 91309 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 106155 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 111273 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 92095 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 124088 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 120714 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82652 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 94087 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 97489 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 131826 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 95279 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 102374 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 106156 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 92497 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 88621 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 94088 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 89667 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 84112 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 90286 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 86075 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 114810 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 88224 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 123380 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 84181 | Trust: 0.1 |
| db: | CNNVD | id: | CNNVD-200911-069 | Trust: 0.1 |
| db: | SEEBUG | id: | SSVID-67231 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-41001 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2009-3555 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 169645 | Trust: 0.1 |
| db: | SECUNIA | id: | 44292 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 100765 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 98419 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 93944 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 89026 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 98469 | Trust: 0.1 |
REFERENCES
| url: | https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt | Trust: 2.0 |
| url: | http://extendedsubset.com/?p=8 | Trust: 1.9 |
| url: | http://www.links.org/?p=780 | Trust: 1.9 |
| url: | http://www.links.org/?p=786 | Trust: 1.9 |
| url: | http://www.links.org/?p=789 | Trust: 1.9 |
| url: | http://blogs.iss.net/archive/sslmitmiscsrf.html | Trust: 1.9 |
| url: | http://www.ietf.org/mail-archive/web/tls/current/msg03948.html | Trust: 1.9 |
| url: | https://bugzilla.redhat.com/show_bug.cgi?id=533125 | Trust: 1.9 |
| url: | http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html | Trust: 1.9 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3555 | Trust: 1.4 |
| url: | http://security.gentoo.org/glsa/glsa-201406-32.xml | Trust: 1.2 |
| url: | http://www.kb.cert.org/vuls/id/120541 | Trust: 1.2 |
| url: | http://extendedsubset.com/renegotiating_tls.pdf | Trust: 1.2 |
| url: | http://www.mozilla.org/security/announce/2010/mfsa2010-22.html | Trust: 1.2 |
| url: | http://www.openssl.org/news/secadv_20091111.txt | Trust: 1.2 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1 | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1 | Trust: 1.1 |
| url: | http://securitytracker.com/id?1023148 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023163 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023204 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023205 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023206 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023207 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023208 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023209 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023210 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023211 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023212 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023213 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023214 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023215 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023216 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023217 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023218 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023219 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023224 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023243 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023270 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023271 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023272 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023273 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023274 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023275 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023411 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023426 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023427 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023428 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1024789 | Trust: 1.1 |
| url: | http://www.cisco.com/en/us/products/products_security_advisory09186a0080b01d1d.shtml | Trust: 1.1 |
| url: | http://seclists.org/fulldisclosure/2009/nov/139 | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/507952/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/508075/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/508130/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/515055/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/516397/100/0/threaded | Trust: 1.1 |
| url: | http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1 | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1 | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 | Trust: 1.1 |
| url: | http://www.securityfocus.com/bid/36935 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37291 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37292 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37320 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37383 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37399 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37453 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37501 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37504 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37604 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37640 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37656 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37675 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37859 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38003 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38020 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38056 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38241 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38484 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38687 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38781 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39127 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39136 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39242 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39243 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39278 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39292 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39317 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39461 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39500 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39628 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39632 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39713 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39819 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40070 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40545 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40747 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40866 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41480 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41490 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41818 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41967 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41972 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42377 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42379 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42467 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42724 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42733 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42808 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42811 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42816 | Trust: 1.1 |
| url: | http://secunia.com/advisories/43308 | Trust: 1.1 |
| url: | http://secunia.com/advisories/44183 | Trust: 1.1 |
| url: | http://secunia.com/advisories/44954 | Trust: 1.1 |
| url: | http://secunia.com/advisories/48577 | Trust: 1.1 |
| url: | http://osvdb.org/60521 | Trust: 1.1 |
| url: | http://osvdb.org/60972 | Trust: 1.1 |
| url: | http://osvdb.org/62210 | Trust: 1.1 |
| url: | http://osvdb.org/65202 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3164 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3165 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3205 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3220 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3310 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3313 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3353 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3354 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3484 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3521 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3587 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0086 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0173 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0748 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0848 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0916 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0933 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0982 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0994 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1054 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1107 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1191 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1350 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1639 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1673 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1793 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/2010 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/2745 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/3069 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/3086 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/3126 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2011/0032 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2011/0033 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2011/0086 | Trust: 1.1 |
| url: | http://lists.apple.com/archives/security-announce/2010/jan/msg00000.html | Trust: 1.1 |
| url: | http://lists.apple.com/archives/security-announce/2010//may/msg00001.html | Trust: 1.1 |
| url: | http://lists.apple.com/archives/security-announce/2010//may/msg00002.html | Trust: 1.1 |
| url: | http://www.debian.org/security/2009/dsa-1934 | Trust: 1.1 |
| url: | http://www.debian.org/security/2011/dsa-2141 | Trust: 1.1 |
| url: | http://www.debian.org/security/2015/dsa-3253 | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01029.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01020.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00428.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00442.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00449.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00634.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049702.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049528.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049455.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039561.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039957.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-may/040652.html | Trust: 1.1 |
| url: | http://security.gentoo.org/glsa/glsa-200912-01.xml | Trust: 1.1 |
| url: | http://security.gentoo.org/glsa/glsa-201203-22.xml | Trust: 1.1 |
| url: | http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02436041 | Trust: 1.1 |
| url: | http://itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02273751 | Trust: 1.1 |
| url: | http://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02512995 | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/522176 | Trust: 1.1 |
| url: | http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01945686 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1ic67848 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1ic68054 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1ic68055 | Trust: 1.1 |
| url: | http://www.mandriva.com/security/advisories?name=mdvsa-2010:076 | Trust: 1.1 |
| url: | http://www.mandriva.com/security/advisories?name=mdvsa-2010:084 | Trust: 1.1 |
| url: | http://www.mandriva.com/security/advisories?name=mdvsa-2010:089 | Trust: 1.1 |
| url: | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1pm12247 | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0119.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0130.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0155.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0165.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0167.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0337.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0338.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0339.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0768.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0770.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0786.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0807.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0865.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0986.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0987.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2011-0880.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html | Trust: 1.1 |
| url: | http://www.us-cert.gov/cas/techalerts/ta10-222a.html | Trust: 1.1 |
| url: | http://www.us-cert.gov/cas/techalerts/ta10-287a.html | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-1010-1 | Trust: 1.1 |
| url: | http://ubuntu.com/usn/usn-923-1 | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-927-1 | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-927-4 | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-927-5 | Trust: 1.1 |
| url: | http://openbsd.org/errata45.html#010_openssl | Trust: 1.1 |
| url: | http://openbsd.org/errata46.html#004_openssl | Trust: 1.1 |
| url: | http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/05/3 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/05/5 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/06/3 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/07/3 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/20/1 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/23/10 | Trust: 1.1 |
| url: | http://www.ietf.org/mail-archive/web/tls/current/msg03928.html | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html | Trust: 1.1 |
| url: | http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during | Trust: 1.1 |
| url: | http://clicky.me/tlsvuln | Trust: 1.1 |
| url: | http://kbase.redhat.com/faq/docs/doc-20491 | Trust: 1.1 |
| url: | http://support.apple.com/kb/ht4004 | Trust: 1.1 |
| url: | http://support.apple.com/kb/ht4170 | Trust: 1.1 |
| url: | http://support.apple.com/kb/ht4171 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100070150 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100081611 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100114315 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100114327 | Trust: 1.1 |
| url: | http://support.citrix.com/article/ctx123359 | Trust: 1.1 |
| url: | http://support.zeus.com/zws/media/docs/4.3/release_notes | Trust: 1.1 |
| url: | http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released | Trust: 1.1 |
| url: | http://sysoev.ru/nginx/patch.cve-2009-3555.txt | Trust: 1.1 |
| url: | http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html | Trust: 1.1 |
| url: | http://wiki.rpath.com/advisories:rpsa-2009-0155 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg21426108 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg21432298 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg24006386 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg24025312 | Trust: 1.1 |
| url: | http://www.arubanetworks.com/support/alerts/aid-020810.txt | Trust: 1.1 |
| url: | http://www.betanews.com/article/1257452450 | Trust: 1.1 |
| url: | http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs10-030/index.html | Trust: 1.1 |
| url: | http://www.ingate.com/relnote.php?ver=481 | Trust: 1.1 |
| url: | http://www.openoffice.org/security/cves/cve-2009-3555.html | Trust: 1.1 |
| url: | http://www.opera.com/docs/changelogs/unix/1060/ | Trust: 1.1 |
| url: | http://www.opera.com/support/search/view/944/ | Trust: 1.1 |
| url: | http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html | Trust: 1.1 |
| url: | http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html | Trust: 1.1 |
| url: | http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html | Trust: 1.1 |
| url: | http://www.proftpd.org/docs/release_notes-1.3.2c | Trust: 1.1 |
| url: | http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html | Trust: 1.1 |
| url: | http://www.tombom.co.uk/blog/?p=85 | Trust: 1.1 |
| url: | http://www.vmware.com/security/advisories/vmsa-2010-0019.html | Trust: 1.1 |
| url: | http://www.vmware.com/security/advisories/vmsa-2011-0003.html | Trust: 1.1 |
| url: | http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html | Trust: 1.1 |
| url: | http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html | Trust: 1.1 |
| url: | https://bugzilla.mozilla.org/show_bug.cgi?id=526689 | Trust: 1.1 |
| url: | https://bugzilla.mozilla.org/show_bug.cgi?id=545755 | Trust: 1.1 |
| url: | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888 | Trust: 1.1 |
| url: | https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10088 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11578 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11617 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7315 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7478 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7973 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8366 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8535 | Trust: 1.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/54158 | Trust: 1.1 |
| url: | http://marc.info/?l=bugtraq&m=127557596201693&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=130497311408250&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=133469267822771&w=2 | Trust: 1.0 |
| url: | https://kb.bluecoat.com/index?page=content&id=sa50 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=132077688910227&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=126150535619567&w=2 | Trust: 1.0 |
| url: | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=cryptography&m=125752275331877&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=127128920008563&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=134254866602253&w=2 | Trust: 1.0 |
| url: | http://www-1.ibm.com/support/search.wss?rs=0&q=pm00675&apar=only | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=127419602507642&w=2 | Trust: 1.0 |
| url: | http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html | Trust: 0.8 |
| url: | http://cvs.openssl.org/chngview?cn=18790 | Trust: 0.8 |
| url: | http://www.links.org/files/no-renegotiation-2.patch | Trust: 0.8 |
| url: | http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html | Trust: 0.8 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555 | Trust: 0.7 |
| url: | http://secunia.com/ | Trust: 0.4 |
| url: | http://lists.grok.org.uk/full-disclosure-charter.html | Trust: 0.4 |
| url: | http://www.mandriva.com/security/ | Trust: 0.4 |
| url: | http://www.mandriva.com/security/advisories | Trust: 0.4 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0095 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0092 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0093 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0088 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0838 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0837 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0091 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0840 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0433 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0082 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0094 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0084 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0847 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0740 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0082 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0845 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0848 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0085 | Trust: 0.2 |
| url: | http://www.itrc.hp.com/service/cki/secbullarchive.do | Trust: 0.2 |
| url: | http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc | Trust: 0.2 |
| url: | http://h30046.www3.hp.com/subsignin.php | Trust: 0.2 |
| url: | http://security.freebsd.org/>. | Trust: 0.2 |
| url: | http://www.freebsd.org/handbook/makeworld.html> | Trust: 0.2 |
| url: | http://www.debian.org/security/faq | Trust: 0.2 |
| url: | http://www.debian.org/security/ | Trust: 0.2 |
| url: | http://marc.info/?l=bugtraq&m=132077688910227&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=127419602507642&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=134254866602253&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=130497311408250&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=133469267822771&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=126150535619567&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=127128920008563&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=127557596201693&w=2 | Trust: 0.1 |
| url: | http://www-1.ibm.com/support/search.wss?rs=0&q=pm00675&apar=only | Trust: 0.1 |
| url: | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 | Trust: 0.1 |
| url: | http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=cryptography&m=125752275331877&w=2 | Trust: 0.1 |
| url: | https://kb.bluecoat.com/index?page=content&id=sa50 | Trust: 0.1 |
| url: | https://github.com/adesprets/dpsslclientprofile | Trust: 0.1 |
| url: | https://github.com/galeone/letsencrypt-lighttpd | Trust: 0.1 |
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20091105-cve-2009-3555 | Trust: 0.1 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=20886 | Trust: 0.1 |
| url: | http://secunia.com/advisories/44292/ | Trust: 0.1 |
| url: | http://secunia.com/research/ | Trust: 0.1 |
| url: | http://secunia.com/products/corporate/evm/ | Trust: 0.1 |
| url: | http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#appendixas | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/secunia_security_advisories/ | Trust: 0.1 |
| url: | https://ca.secunia.com/?page=viewadvisory&vuln_id=44292 | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/personal/ | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | http://secunia.com/company/jobs/open_positions/reverse_engineer | Trust: 0.1 |
| url: | http://secunia.com/advisories/44292/#comments | Trust: 0.1 |
| url: | http://secunia.com/advisories/about_secunia_advisories/ | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3556 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0086 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1086 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0730 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1088 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1027919 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2939 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1055 | Trust: 0.1 |
| url: | http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3571 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0307 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3548 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1031330 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3554 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3562 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0084 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0091 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0089 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3557 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3550 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1384 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3567 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0086 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0003 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3553 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0106 | Trust: 0.1 |
| url: | http://www.vmware.com/support/policies/eos_vi.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2227 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0107 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2902 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2901 | Trust: 0.1 |
| url: | http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0841 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0291 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2248 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0415 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3561 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3541 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3559 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3565 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1027904 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0107 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0093 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0842 | Trust: 0.1 |
| url: | http://www.vmware.com/support/policies/eos.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3574 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0886 | Trust: 0.1 |
| url: | http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0734 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1157 | Trust: 0.1 |
| url: | http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0007 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0850 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2524 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0839 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1087 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0622 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0090 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-3825 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3573 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1084 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-5416 | Trust: 0.1 |
| url: | http://www.vmware.com/security/advisories | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-1384 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0008 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0088 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0849 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2070 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4308 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3549 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3548 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2693 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-4308 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0007 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3568 | Trust: 0.1 |
| url: | http://www.vmware.com/support/policies/security_response.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5416 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3864 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3825 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0410 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1321 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3572 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0092 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1437 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0003 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0094 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3566 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0437 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0844 | Trust: 0.1 |
| url: | http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3548 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2066 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0089 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2902 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0087 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0087 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1436 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2693 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1029353 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0846 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2226 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1173 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0008 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1641 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2928 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0106 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0095 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1187 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2521 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3569 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0090 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2901 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3081 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3551 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0843 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3010 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-4143 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-2068 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-4018 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3011 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-4017 | Trust: 0.1 |
| url: | http://www.hp.com/servers/manage/smh | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0731 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0731 | Trust: 0.1 |
| url: | http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3728 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3874 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3728 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3875 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3876 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3884 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3873 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3881 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2409 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2409 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3883 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3884 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3869 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3882 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3879 | Trust: 0.1 |
| url: | http://blogs.sun.com/darcy/resource/openjdk_6/openjdk6-b18-changes-summary.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3881 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3877 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3883 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3869 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3871 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3882 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3873 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3875 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3874 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3885 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3871 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3877 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3876 | Trust: 0.1 |
| url: | http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3880 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3885 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3880 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3879 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4470 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471 | Trust: 0.1 |
| url: | http://creativecommons.org/licenses/by-sa/2.5 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3562 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3567 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3568 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3541 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3566 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-2783 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3564 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4465 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-2548 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3554 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4469 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3569 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3573 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3548 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3549 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3565 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3860 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3574 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3553 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4450 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4467 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4448 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797 | Trust: 0.1 |
| url: | http://security.gentoo.org/ | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3561 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4351 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3551 | Trust: 0.1 |
| url: | https://bugs.gentoo.org. | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-3557 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089 | Trust: 0.1 |
| url: | http://security.freebsd.org/advisories/freebsd-sa-09:15.ssl.asc | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:15/ssl.patch.asc | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:15/ssl.patch | Trust: 0.1 |
| url: | https://www.hp.com/go/swa | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2012-4929 | Trust: 0.1 |
| url: | http://www.hpe.com/support/security_bulletin_archive | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-1790 | Trust: 0.1 |
| url: | http://www.hpe.com/info/insightmanagement | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2019 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-0705 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-1788 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-1792 | Trust: 0.1 |
| url: | http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085 | Trust: 0.1 |
| url: | http://www.hpe.com/support/subscriber_choice | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-3195 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-0799 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3567 | Trust: 0.1 |
| url: | https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2020 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2018 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3513 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-1789 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2022 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-1791 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2017 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-7501 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2027 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-6565 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-0205 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3568 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3508 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-3194 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2026 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3569 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3509 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2016-2021 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3511 | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld.patch.asc | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4146 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4147 | Trust: 0.1 |
| url: | http://security.freebsd.org/advisories/freebsd-sa-09:16.rtld.asc | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld7.patch | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld7.patch.asc | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld.patch | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4476 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0740 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0433 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3245 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3245 | Trust: 0.1 |
CREDITS
Mandriva
Trust: 0.4
SOURCES
| db: | CERT/CC | id: | VU#120541 |
| db: | VULHUB | id: | VHN-41001 |
| db: | VULMON | id: | CVE-2009-3555 |
| db: | PACKETSTORM | id: | 169645 |
| db: | PACKETSTORM | id: | 100765 |
| db: | PACKETSTORM | id: | 98419 |
| db: | PACKETSTORM | id: | 93944 |
| db: | PACKETSTORM | id: | 89136 |
| db: | PACKETSTORM | id: | 88167 |
| db: | PACKETSTORM | id: | 89026 |
| db: | PACKETSTORM | id: | 127267 |
| db: | PACKETSTORM | id: | 83414 |
| db: | PACKETSTORM | id: | 84183 |
| db: | PACKETSTORM | id: | 120365 |
| db: | PACKETSTORM | id: | 137201 |
| db: | PACKETSTORM | id: | 83415 |
| db: | PACKETSTORM | id: | 98469 |
| db: | PACKETSTORM | id: | 88698 |
| db: | NVD | id: | CVE-2009-3555 |
LAST UPDATE DATE
2025-11-28T22:33:22.615000+00:00
SOURCES UPDATE DATE
| db: | CERT/CC | id: | VU#120541 | date: | 2011-07-22T00:00:00 |
| db: | VULHUB | id: | VHN-41001 | date: | 2023-02-13T00:00:00 |
| db: | NVD | id: | CVE-2009-3555 | date: | 2025-04-09T00:30:58.490 |
SOURCES RELEASE DATE
| db: | CERT/CC | id: | VU#120541 | date: | 2009-11-11T00:00:00 |
| db: | VULHUB | id: | VHN-41001 | date: | 2009-11-09T00:00:00 |
| db: | PACKETSTORM | id: | 169645 | date: | 2009-11-11T12:12:12 |
| db: | PACKETSTORM | id: | 100765 | date: | 2011-04-24T07:03:17 |
| db: | PACKETSTORM | id: | 98419 | date: | 2011-02-11T13:13:00 |
| db: | PACKETSTORM | id: | 93944 | date: | 2010-09-17T00:35:23 |
| db: | PACKETSTORM | id: | 89136 | date: | 2010-05-03T23:54:02 |
| db: | PACKETSTORM | id: | 88167 | date: | 2010-04-07T02:30:56 |
| db: | PACKETSTORM | id: | 89026 | date: | 2010-04-28T20:44:54 |
| db: | PACKETSTORM | id: | 127267 | date: | 2014-06-30T23:39:28 |
| db: | PACKETSTORM | id: | 83414 | date: | 2009-12-03T21:01:42 |
| db: | PACKETSTORM | id: | 84183 | date: | 2009-12-22T20:50:12 |
| db: | PACKETSTORM | id: | 120365 | date: | 2013-02-18T15:23:02 |
| db: | PACKETSTORM | id: | 137201 | date: | 2016-05-26T09:22:00 |
| db: | PACKETSTORM | id: | 83415 | date: | 2009-12-03T21:03:04 |
| db: | PACKETSTORM | id: | 98469 | date: | 2011-02-14T21:33:52 |
| db: | PACKETSTORM | id: | 88698 | date: | 2010-04-20T15:07:58 |
| db: | NVD | id: | CVE-2009-3555 | date: | 2009-11-09T17:30:00.407 |