Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
156 vulnerabilities found for netware by novell
VAR-200202-0006
Vulnerability from variot - Updated: 2026-03-09 23:33Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. HP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "snmp",
"version": "*"
},
{
"_id": null,
"model": "windows 98se",
"scope": null,
"trust": 0.9,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "95"
},
{
"_id": null,
"model": "windows server",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.00"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"_id": null,
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "95"
},
{
"_id": null,
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"_id": null,
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"_id": null,
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"_id": null,
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"_id": null,
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"_id": null,
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (workstation)"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"_id": null,
"model": "windows xp gold",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.5"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.5"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.5"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.0"
},
{
"_id": null,
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"_id": null,
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"_id": null,
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"_id": null,
"model": "snmp",
"scope": null,
"trust": 0.6,
"vendor": "snmp",
"version": null
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"_id": null,
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0.1"
},
{
"_id": null,
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0.1"
},
{
"_id": null,
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"_id": null,
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.2"
},
{
"_id": null,
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.3"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"_id": null,
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"_id": null,
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"_id": null,
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"_id": null,
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"_id": null,
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"_id": null,
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"_id": null,
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"_id": null,
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"_id": null,
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"_id": null,
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"_id": null,
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"_id": null,
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"_id": null,
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"_id": null,
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"_id": null,
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"_id": null,
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"_id": null,
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"_id": null,
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"_id": null,
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"_id": null,
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"_id": null,
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"_id": null,
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"_id": null,
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.22000"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"_id": null,
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"_id": null,
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"_id": null,
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"_id": null,
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"_id": null,
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"_id": null,
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"_id": null,
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"_id": null,
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"_id": null,
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"_id": null,
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"_id": null,
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"_id": null,
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"_id": null,
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"_id": null,
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"_id": null,
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"_id": null,
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"_id": null,
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"_id": null,
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"_id": null,
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"_id": null,
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.5"
},
{
"_id": null,
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"_id": null,
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"_id": null,
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"_id": null,
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"_id": null,
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"_id": null,
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"_id": null,
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"_id": null,
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"_id": null,
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"_id": null,
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"_id": null,
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"_id": null,
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"_id": null,
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"_id": null,
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"_id": null,
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"_id": null,
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:aix",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:vvos",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows-9x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_nt",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
}
]
},
"credits": {
"_id": null,
"data": "Discovered by the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 0.9
},
"cve": "CVE-2002-0012",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0012",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0012",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "NVD",
"id": "CVE-2002-0012",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200202-007",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"description": {
"_id": null,
"data": "Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. \nHP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0012"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 4.68
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2002-0012",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 3.2
},
{
"db": "BID",
"id": "4088",
"trust": 2.2
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "BID",
"id": "4089",
"trust": 1.9
},
{
"db": "BID",
"id": "4132",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 1.4
},
{
"db": "BID",
"id": "5043",
"trust": 1.3
},
{
"db": "XF",
"id": "8177",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007",
"trust": 0.6
},
{
"db": "BID",
"id": "89608",
"trust": 0.3
},
{
"db": "BID",
"id": "89661",
"trust": 0.3
},
{
"db": "BID",
"id": "4203",
"trust": 0.3
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"id": "VAR-200202-0006",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.489583335
},
"last_update_date": "2026-03-09T23:33:13.016000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HPSBUX00184",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00964944"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2001-163.html"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
},
{
"title": "IBM Information for VU#107186",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/IAFY-55KRCV"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/Bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2001-163J.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.0,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.6,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/advisories/4211"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
},
{
"trust": 1.0,
"url": "http://www.iss.net/security_center/alerts/advise110.php"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1048"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a161"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/5043"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a144"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-03"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0012"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8177"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
},
{
"trust": 0.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.6,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/bid/4088"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/bid/4089"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#107186",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#854306",
"ident": null
},
{
"db": "BID",
"id": "89608",
"ident": null
},
{
"db": "BID",
"id": "89661",
"ident": null
},
{
"db": "BID",
"id": "5043",
"ident": null
},
{
"db": "BID",
"id": "4732",
"ident": null
},
{
"db": "BID",
"id": "4203",
"ident": null
},
{
"db": "BID",
"id": "4088",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2002-0012",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186",
"ident": null
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306",
"ident": null
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608",
"ident": null
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661",
"ident": null
},
{
"date": "2002-06-18T00:00:00",
"db": "BID",
"id": "5043",
"ident": null
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732",
"ident": null
},
{
"date": "2002-02-27T00:00:00",
"db": "BID",
"id": "4203",
"ident": null
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4088",
"ident": null
},
{
"date": "2002-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-007",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000033",
"ident": null
},
{
"date": "2002-02-13T05:00:00",
"db": "NVD",
"id": "CVE-2002-0012",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186",
"ident": null
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306",
"ident": null
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608",
"ident": null
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661",
"ident": null
},
{
"date": "2009-07-11T13:56:00",
"db": "BID",
"id": "5043",
"ident": null
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732",
"ident": null
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4203",
"ident": null
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4088",
"ident": null
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-007",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000033",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0012",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 1.8
},
"title": {
"_id": null,
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
}
}
VAR-200503-0010
Vulnerability from variot - Updated: 2026-03-09 22:31Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016). Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA05-102A
Multiple Vulnerabilities in Microsoft Windows Components
Original release date: April 12, 2005 Last revised: -- Source: US-CERT
Systems Affected
* Microsoft Windows Systems
For a complete list of affected versions of the Windows operating systems and components, refer to the Microsoft Security Bulletins.
Overview
Microsoft has released a Security Bulletin Summary for April, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Details of the vulnerabilities and their impacts are provided below.
I. Description
The list below provides a mapping between Microsoft's Security Bulletins and the related US-CERT Vulnerability Notes. More information related to the vulnerabilities is available in these documents.
Microsoft Security Bulletin MS05-020: Cumulative Security Update for Internet Explorer (890923)
VU#774338 Microsoft Internet Explorer DHTML objects contain a
race condition
VU#756122 Microsoft Internet Explorer URL validation routine
contains a buffer overflow
VU#222050 Microsoft Internet Explorer Content Advisor contains a
buffer overflow
Microsoft Security Bulletin MS05-02: Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)
VU#275193 Microsoft Exchange Server contains unchecked buffer in SMTP
extended verb handling
Microsoft Security Bulletin MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)
VU#633446 Microsoft MSN Messenger GIF processing
buffer overflow
Microsoft Security Bulletin MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
VU#233754 Microsoft Windows does not adequately validate IP
packets
II.
III. Solution
Apply a patch
Microsoft has provided the patches for these vulnerabilities in the Security Bulletins and on Windows Update.
Appendix A. References
* Microsoft's Security Bulletin Summary for April, 2005 - <
http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx>
* US-CERT Vulnerability Note VU#774338 -
<http://www.kb.cert.org/vuls/id/774338>
* US-CERT Vulnerability Note VU#756122 -
<http://www.kb.cert.org/vuls/id/756122>
* US-CERT Vulnerability Note VU#222050 -
<http://www.kb.cert.org/vuls/id/222050>
* US-CERT Vulnerability Note VU#275193 -
<http://www.kb.cert.org/vuls/id/275193>
* US-CERT Vulnerability Note VU#633446 -
<http://www.kb.cert.org/vuls/id/633446>
* US-CERT Vulnerability Note VU#233754 -
<http://www.kb.cert.org/vuls/id/233754>
Feedback can be directed to the authors: Will Dormann, Jeff Gennari, Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff Havrilla.
This document is available from:
<http://www.us-cert.gov/cas/techalerts/TA05-102A.html>
Copyright 2005 Carnegie Mellon University.
Terms of use: http://www.us-cert.gov/legal.html
Revision History
April 12, 2005: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQlxwexhoSezw4YfQAQJ4RAf/bTgaa6SBDMJveqW/GnQET79F9aVPM1S2 glam1w4YFyOdyIHpDYqQZRBqgXgpJjel/MiH02tZreU5mgIjkPIWA3gleepyWvnN 7VYv8KcbSnyvGxDl/8K2YjFz550gxA3pkRD7IiqdpOums87lJ7xM7sjdUY0ZA8aF JEvA4gfndpgLSuISV7Gf8y1s4MU329DurNy3t8W4EB9Iuef/E4Z058IvHnz9dTnT XwBnyW1KfH2Ohpy7QBOtcXt1wXU8X0F+d01g/VZmTL7xVwXmcPi8UpS7bPK8A17+ asqo582KjZVR56iL7fqNQzsrXUGZncEnX/8QOhi3Ym2LfAEkKrg3rw== =BY/p -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "r2"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"_id": null,
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"_id": null,
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(itanium)"
},
{
"_id": null,
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"_id": null,
"model": "windows xp home sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "2.1"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.01"
},
{
"_id": null,
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "ne",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.31"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"_id": null,
"model": "ios aa",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.10"
},
{
"_id": null,
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.0"
},
{
"_id": null,
"model": "windows xp professional",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows nt enterprise server sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "3.0"
},
{
"_id": null,
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.34"
},
{
"_id": null,
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "ios f",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.4"
},
{
"_id": null,
"model": "ios bt",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0.12"
},
{
"_id": null,
"model": "windows nt workstation sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20030"
},
{
"_id": null,
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ios ia",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"_id": null,
"model": "netbsd",
"scope": "ne",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.3"
},
{
"_id": null,
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "3.1"
},
{
"_id": null,
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.1.x"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.2"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.1"
},
{
"_id": null,
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "10.3.16"
},
{
"_id": null,
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.38"
},
{
"_id": null,
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "4.1"
},
{
"_id": null,
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "2.0"
},
{
"_id": null,
"model": "windows xp media center edition",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.36"
},
{
"_id": null,
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.3"
},
{
"_id": null,
"model": "ios bt",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0.17"
},
{
"_id": null,
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20030"
},
{
"_id": null,
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "3.x"
},
{
"_id": null,
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"_id": null,
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.10"
},
{
"_id": null,
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.7"
},
{
"_id": null,
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "2.0.1"
},
{
"_id": null,
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"_id": null,
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "1.1"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.33"
},
{
"_id": null,
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "open desktop",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "3.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"_id": null,
"model": "ios ia",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.9"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.16"
},
{
"_id": null,
"model": "netbsd",
"scope": "ne",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"_id": null,
"model": "ios aa",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.7"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0.17"
},
{
"_id": null,
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"_id": null,
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "unixware",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "2.1"
},
{
"_id": null,
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"_id": null,
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.4"
},
{
"_id": null,
"model": "ios a",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "10.3.19"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.1"
},
{
"_id": null,
"model": "ios f1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.4"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.35"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "windows xp home",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "cmw+",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "3.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2"
},
{
"_id": null,
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "4.0"
},
{
"_id": null,
"model": "windows server web edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1"
},
{
"_id": null,
"model": "ios ca",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"_id": null,
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ios/700",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.30"
},
{
"_id": null,
"model": "sunos",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.1.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1"
},
{
"_id": null,
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "95"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.2.10"
},
{
"_id": null,
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.37"
},
{
"_id": null,
"model": "sunos u1",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.1.3"
},
{
"_id": null,
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "3.5.1"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.24"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "atm switch",
"scope": "eq",
"trust": 0.6,
"vendor": "marconi",
"version": "6.1.1"
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.32"
},
{
"_id": null,
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt terminal server sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows xp home sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"_id": null,
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "open server",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "5.0"
},
{
"_id": null,
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"_id": null,
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "ios p",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.9"
},
{
"_id": null,
"model": "atm switch",
"scope": "eq",
"trust": 0.6,
"vendor": "marconi",
"version": "7.0.1"
},
{
"_id": null,
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"_id": null,
"model": "windows nt server sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"_id": null,
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.20"
},
{
"_id": null,
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"_id": null,
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ios ca",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.7"
},
{
"_id": null,
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.2"
},
{
"_id": null,
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1x"
},
{
"_id": null,
"model": "windows server web edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.30"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp2"
},
{
"_id": null,
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "windows xp gold",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "windows nt sp5",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt sp3 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"_id": null,
"model": "windows nt sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
}
]
},
"credits": {
"_id": null,
"data": "Dejan Levaja dejan@levaja.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0688",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0688",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0688",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#396645",
"trust": 0.8,
"value": "12.15"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#233754",
"trust": 0.8,
"value": "12.29"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#275193",
"trust": 0.8,
"value": "36.15"
},
{
"author": "NVD",
"id": "CVE-2005-0688",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200503-048",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"description": {
"_id": null,
"data": "Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the \"Land\" vulnerability (CVE-1999-0016). Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices \u0026amp; Catalyst switches, and HP-UX up to 11.00. \nIt is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. \n**Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System \n\n Technical Cyber Security Alert TA05-102A \n\nMultiple Vulnerabilities in Microsoft Windows Components\n\n Original release date: April 12, 2005\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Microsoft Windows Systems\n\n For a complete list of affected versions of the Windows operating\n systems and components, refer to the Microsoft Security Bulletins. \n\n\nOverview\n\n Microsoft has released a Security Bulletin Summary for April, 2005. \n This summary includes several bulletins that address\n vulnerabilities in various Windows applications and\n components. Details of\n the vulnerabilities and their impacts are provided below. \n\n\nI. Description\n\n The list below provides a mapping between Microsoft\u0027s Security\n Bulletins and the related US-CERT Vulnerability Notes. More\n information related to the vulnerabilities is available in these\n documents. \n\n Microsoft Security Bulletin MS05-020: \n Cumulative Security Update for Internet Explorer (890923)\n\n VU#774338 Microsoft Internet Explorer DHTML objects contain a\n race condition\n\n VU#756122 Microsoft Internet Explorer URL validation routine\n contains a buffer overflow\n\n VU#222050 Microsoft Internet Explorer Content Advisor contains a\n buffer overflow\n\n\n Microsoft Security Bulletin MS05-02:\n Vulnerability in Exchange Server Could Allow Remote Code \n Execution (894549)\n\n VU#275193 Microsoft Exchange Server contains unchecked buffer in SMTP\n extended verb handling\n\n\n Microsoft Security Bulletin MS05-022: \n Vulnerability in MSN Messenger Could Lead to Remote Code Execution \n (896597)\n\n VU#633446 Microsoft MSN Messenger GIF processing\n buffer overflow\n\n\n Microsoft Security Bulletin MS05-019: \n Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial \n of Service (893066)\n\n VU#233754 Microsoft Windows does not adequately validate IP\n packets\n\n\nII. \n\n\nIII. Solution\n\nApply a patch\n\n Microsoft has provided the patches for these vulnerabilities in the\n Security Bulletins and on Windows Update. \n\n\nAppendix A. References\n\n * Microsoft\u0027s Security Bulletin Summary for April, 2005 - \u003c\n http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx\u003e\n\n * US-CERT Vulnerability Note VU#774338 -\n \u003chttp://www.kb.cert.org/vuls/id/774338\u003e\n\n * US-CERT Vulnerability Note VU#756122 -\n \u003chttp://www.kb.cert.org/vuls/id/756122\u003e\n\n * US-CERT Vulnerability Note VU#222050 -\n \u003chttp://www.kb.cert.org/vuls/id/222050\u003e\n\n * US-CERT Vulnerability Note VU#275193 -\n \u003chttp://www.kb.cert.org/vuls/id/275193\u003e\n\n * US-CERT Vulnerability Note VU#633446 -\n \u003chttp://www.kb.cert.org/vuls/id/633446\u003e\n\n * US-CERT Vulnerability Note VU#233754 -\n \u003chttp://www.kb.cert.org/vuls/id/233754\u003e\n _________________________________________________________________\n\n Feedback can be directed to the authors: Will Dormann, Jeff Gennari,\n Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff\n Havrilla. \n _________________________________________________________________\n\n This document is available from: \n \n \u003chttp://www.us-cert.gov/cas/techalerts/TA05-102A.html\u003e \n \n _________________________________________________________________\n\n Copyright 2005 Carnegie Mellon University. \n \n Terms of use: \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\n Revision History\n\n April 12, 2005: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQlxwexhoSezw4YfQAQJ4RAf/bTgaa6SBDMJveqW/GnQET79F9aVPM1S2\nglam1w4YFyOdyIHpDYqQZRBqgXgpJjel/MiH02tZreU5mgIjkPIWA3gleepyWvnN\n7VYv8KcbSnyvGxDl/8K2YjFz550gxA3pkRD7IiqdpOums87lJ7xM7sjdUY0ZA8aF\nJEvA4gfndpgLSuISV7Gf8y1s4MU329DurNy3t8W4EB9Iuef/E4Z058IvHnz9dTnT\nXwBnyW1KfH2Ohpy7QBOtcXt1wXU8X0F+d01g/VZmTL7xVwXmcPi8UpS7bPK8A17+\nasqo582KjZVR56iL7fqNQzsrXUGZncEnX/8QOhi3Ym2LfAEkKrg3rw==\n=BY/p\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0688"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "37198"
}
],
"trust": 4.41
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2005-0688",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "14512",
"trust": 2.4
},
{
"db": "USCERT",
"id": "TA05-102A",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "22341",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3983",
"trust": 1.6
},
{
"db": "BID",
"id": "2666",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#233754",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#275193",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "14578",
"trust": 0.8
},
{
"db": "XF",
"id": "19593",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#396645",
"trust": 0.8
},
{
"db": "BID",
"id": "13116",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1013686",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "14920",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "15467",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167",
"trust": 0.8
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4978",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1288",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:482",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1685",
"trust": 0.6
},
{
"db": "MS",
"id": "MS06-064",
"trust": 0.6
},
{
"db": "MS",
"id": "MS05-019",
"trust": 0.6
},
{
"db": "HP",
"id": "SSRT061264",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20050305 WINDOWS SERVER 2003 AND XP SP2 LAND ATTACK VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048",
"trust": 0.6
},
{
"db": "BID",
"id": "13658",
"trust": 0.3
},
{
"db": "CERT/CC",
"id": "VU#774338",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#633446",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#756122",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#222050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37198",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"id": "VAR-200503-0010",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.36792661
},
"last_update_date": "2026-03-09T22:31:01.611000Z",
"patch": {
"_id": null,
"data": [
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS06-064.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/MS05-019.mspx"
},
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/MS06-064.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/14512/"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22341"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4978"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=111005099504081\u0026w=2"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1685"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a482"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1288"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/14512"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2666 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/19593"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=14578"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/192"
},
{
"trust": 0.8,
"url": "http://www.iana.org/assignments/ip-parameters"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13116/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/apr/1013686.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/193"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/14920/"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=15467"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0688"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20050413-ms05-019.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2005/wr051601.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta05-102a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta05-102a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0688"
},
{
"trust": 0.8,
"url": "http://www.securiteam.com/windowsntfocus/5pp0720f5u.html"
},
{
"trust": 0.6,
"url": "http://support.microsoft.com/support/kb/articles/q165/0/05.asp"
},
{
"trust": 0.6,
"url": "http://support.microsoft.com/support/kb/articles/q177/5/39.asp"
},
{
"trust": 0.6,
"url": "http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/392354"
},
{
"trust": 0.6,
"url": "/archive/1/392642"
},
{
"trust": 0.6,
"url": "/archive/1/393045"
},
{
"trust": 0.6,
"url": "/archive/1/392354"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=111005099504081\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3983"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4978"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:482"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1685"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1288"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "/archive/1/400188"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/633446\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/222050\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/233754\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/275193\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/774338\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/756122\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#396645",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#233754",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#275193",
"ident": null
},
{
"db": "BID",
"id": "13658",
"ident": null
},
{
"db": "BID",
"id": "2666",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "37198",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2005-0688",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645",
"ident": null
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#233754",
"ident": null
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#275193",
"ident": null
},
{
"date": "2005-05-17T00:00:00",
"db": "BID",
"id": "13658",
"ident": null
},
{
"date": "1997-11-20T00:00:00",
"db": "BID",
"id": "2666",
"ident": null
},
{
"date": "2005-04-19T06:59:49",
"db": "PACKETSTORM",
"id": "37198",
"ident": null
},
{
"date": "1997-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-048",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000167",
"ident": null
},
{
"date": "2005-03-05T05:00:00",
"db": "NVD",
"id": "CVE-2005-0688",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645",
"ident": null
},
{
"date": "2005-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#233754",
"ident": null
},
{
"date": "2005-08-02T00:00:00",
"db": "CERT/CC",
"id": "VU#275193",
"ident": null
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13658",
"ident": null
},
{
"date": "2009-07-11T06:06:00",
"db": "BID",
"id": "2666",
"ident": null
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-048",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000167",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-0688",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Microsoft Windows vulnerable to DoS via LAND attack",
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
}
],
"trust": 0.6
}
}
VAR-200807-0659
Vulnerability from variot - Updated: 2026-03-09 21:24ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable. ----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/
TITLE: pdnsd DNS Cache Poisoning and Denial of Service
SECUNIA ADVISORY ID: SA31847
VERIFY ADVISORY: http://secunia.com/advisories/31847/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
SOFTWARE: pdnsd 1.x http://secunia.com/advisories/product/9584/
DESCRIPTION: Some vulnerabilities have been reported in pdnsd, which can be exploited by malicious people to poison the DNS cache and cause a DoS (Denial of Service).
1) A vulnerability is caused due to pdnsd not sufficiently randomising the query port number, which can be exploited to poison the DNS cache.
2) An error exists within the "p_exec_query()" function in src/dns_query.c when processing long replies with many answer sections. This can be exploited to e.g. crash the service by sending a specially crafted reply.
The vulnerabilities are reported in versions prior to version 1.2.7-par.
SOLUTION: Update to version 1.2.7-par.
PROVIDED AND/OR DISCOVERED BY: 1) Dan Kaminsky, IOActive. 2) Reported by the vendor.
ORIGINAL ADVISORY: http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
OTHER REFERENCES: US-CERT VU#800113: http://www.kb.cert.org/vuls/id/800113
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_58"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_48"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_60"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_92"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_47"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_61"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_59"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "snv_94"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_25"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_72"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_09"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_46"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_29"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_83"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_70"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_75"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_15"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_78"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_21"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_66"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_20"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_63"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_11"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_52"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_24"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "10"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_35"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_76"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_07"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_69"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_74"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_14"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_16"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_01"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_12"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_18"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_33"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_71"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_44"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_81"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_67"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_31"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_64"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_84"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_17"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_62"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_77"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_91"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_93"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_86"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_36"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_04"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_41"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_13"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_39"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_37"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_32"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_05"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_38"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_89"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_57"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_22"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_56"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_65"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_88"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_02"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_54"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_68"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_53"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_23"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_85"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_87"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_03"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_28"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_06"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_40"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_73"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_30"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_79"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_27"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_45"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_26"
},
{
"_id": null,
"model": "opensolaris",
"scope": "lte",
"trust": 1.0,
"vendor": "sun",
"version": "snv_95"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_42"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_10"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_19"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_82"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_90"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_80"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_55"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_43"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_50"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_08"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_49"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_34"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_51"
},
{
"_id": null,
"model": "ios 12.4",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluecat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "force10",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "funkwerk",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "infoblox",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nixu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nominum",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(sparc)"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "netware sp1.1",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "snv_95"
},
{
"_id": null,
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.9-1"
},
{
"_id": null,
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing cyberguard tsp",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"_id": null,
"model": "dnsmasq",
"scope": "eq",
"trust": 0.3,
"vendor": "dnsmasq",
"version": "2.35"
},
{
"_id": null,
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"_id": null,
"model": "networks pmbb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"_id": null,
"model": "rt140i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"_id": null,
"model": "rt105i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"_id": null,
"model": "windows server datacenter edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "netware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2"
},
{
"_id": null,
"model": "networks screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"_id": null,
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"_id": null,
"model": "ios 12.3yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "-par",
"scope": "ne",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.3"
},
{
"_id": null,
"model": "coat systems packetshaper",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1"
},
{
"_id": null,
"model": "networks junose p0-2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3.5"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.1"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.03"
},
{
"_id": null,
"model": "bind p6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.17"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"_id": null,
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7"
},
{
"_id": null,
"model": "river systems linux",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "3.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"_id": null,
"model": "storage management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"_id": null,
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "4.1.43"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.03"
},
{
"_id": null,
"model": "rtx3000",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.4"
},
{
"_id": null,
"model": "network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "bind b3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1.02"
},
{
"_id": null,
"model": "windows xp tablet pc edition sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.3"
},
{
"_id": null,
"model": "bind b4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"_id": null,
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.0"
},
{
"_id": null,
"model": "vitalqip sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.1"
},
{
"_id": null,
"model": "ios 12.3xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.02"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.4"
},
{
"_id": null,
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.19"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"_id": null,
"model": "access gateway standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.7"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "rtx1100",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby -p229",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"_id": null,
"model": "ios 12.0wc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby -p115",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"_id": null,
"model": "networks self-service ccss7",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-0"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.04"
},
{
"_id": null,
"model": "computing cyberguard classic",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "matsumoto ruby -p286",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.6.1"
},
{
"_id": null,
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "tcp/ip services for openvms integrity",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"_id": null,
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.157.3"
},
{
"_id": null,
"model": "ios 12.3yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "matsumoto ruby -p22",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"_id": null,
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "matsumoto ruby -p230",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"_id": null,
"model": "access gateway standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.6"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1"
},
{
"_id": null,
"model": "networks nsna switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4070"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"_id": null,
"model": "ios 12.1ay",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rt105p",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "bind beta",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.2"
},
{
"_id": null,
"model": "ios 12.2by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20070"
},
{
"_id": null,
"model": "bind 9.5.0a7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "networks self-service peri workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.2"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.1"
},
{
"_id": null,
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.03"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"_id": null,
"model": "networks optical software upgrade manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "8.0"
},
{
"_id": null,
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "windows server standard edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.20"
},
{
"_id": null,
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "bind 9.5.1b1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "coat systems packetshaper",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "8.4"
},
{
"_id": null,
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "rt102i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.7"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"_id": null,
"model": "bind 9.5.0a6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1.8"
},
{
"_id": null,
"model": "rtv01",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.3"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"_id": null,
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "tcp/ip services for openvms integrity",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.6"
},
{
"_id": null,
"model": "networks ensm enterprise nms",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-10.4"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"_id": null,
"model": "ios 12.4xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "network registar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "rta54i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "coat systems packetshaper",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.2"
},
{
"_id": null,
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.1"
},
{
"_id": null,
"model": "djbdns",
"scope": "ne",
"trust": 0.3,
"vendor": "djbdns",
"version": "0"
},
{
"_id": null,
"model": "ios 12.3ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.6"
},
{
"_id": null,
"model": "ios 12.4xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "ios 12.4xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"_id": null,
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1.1"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "net-dns/dnsmasq",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "2.43"
},
{
"_id": null,
"model": "bind p7",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"_id": null,
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.4"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "windows xp media center edition sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"_id": null,
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.14"
},
{
"_id": null,
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.4"
},
{
"_id": null,
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "rt200i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows server enterprise edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "bind 9.4.3b2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "bind p5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"_id": null,
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1.1"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "rt58i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.02"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1"
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.0.5"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "networks optical ambb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.4"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "coat systems ishaper",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.14"
},
{
"_id": null,
"model": "networks junose p0-1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"_id": null,
"model": "nios",
"scope": "eq",
"trust": 0.3,
"vendor": "infoblox",
"version": "4"
},
{
"_id": null,
"model": "ios 12.3yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "networks optical rmbb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.7"
},
{
"_id": null,
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "ios 12.3ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "ios 12.4mr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "networks optical application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.3"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.9"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"_id": null,
"model": "networks screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "networks srg",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1.0"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "networks optical fmbb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "ios 12.4xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2"
},
{
"_id": null,
"model": "bind 9.3.5-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "ios 12.1ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "tru64 unix b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4xv"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4"
},
{
"_id": null,
"model": "netware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"_id": null,
"model": "ios 12.3yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.3"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.02"
},
{
"_id": null,
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"_id": null,
"model": "rt107e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.3"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.1"
},
{
"_id": null,
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"_id": null,
"model": "gnu/*/linux 2.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "openwall",
"version": null
},
{
"_id": null,
"model": "ios 12.4xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.5"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"_id": null,
"model": "windows server itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6"
},
{
"_id": null,
"model": "wanjet",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0.2"
},
{
"_id": null,
"model": "rtx1500",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "srt100",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "ios 12.1ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.047.8"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "ios 12.3yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "7.x"
},
{
"_id": null,
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.0xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.4xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rt103i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "windows server itanium sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "dns library pydns",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "2.3"
},
{
"_id": null,
"model": "windows xp home sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "5.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.6"
},
{
"_id": null,
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks multimedia comm mcs5100",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.4"
},
{
"_id": null,
"model": "ios 12.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks junos 8.5.r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"_id": null,
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.01"
},
{
"_id": null,
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "ipod touch",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rt80i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"_id": null,
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.3va",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.01"
},
{
"_id": null,
"model": "rtx2000",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "200"
},
{
"_id": null,
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "-current",
"scope": null,
"trust": 0.3,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": "network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"_id": null,
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.4"
},
{
"_id": null,
"model": "rt100i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "networks junose p0-1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1.3"
},
{
"_id": null,
"model": "dns one appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "infoblox",
"version": "2"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.4.3"
},
{
"_id": null,
"model": "ios 12.4xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks self-service ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.6"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"_id": null,
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0.2"
},
{
"_id": null,
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ios 12.4md",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"_id": null,
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "network registar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.01"
},
{
"_id": null,
"model": "coat systems ishaper",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.2"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "matsumoto ruby pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"_id": null,
"model": "windows xp professional edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"_id": null,
"model": "nonstop server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6"
},
{
"_id": null,
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"_id": null,
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "netware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1.01"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "matsumoto ruby -p71",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"_id": null,
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.04"
},
{
"_id": null,
"model": "ios 12.3yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.3.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.8"
},
{
"_id": null,
"model": "ios 12.3yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.3yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows xp professional sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.1"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.4"
},
{
"_id": null,
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.3xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.15"
},
{
"_id": null,
"model": "open enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.01"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"_id": null,
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.5.2"
},
{
"_id": null,
"model": "bind 9.5.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.2"
},
{
"_id": null,
"model": "netware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "access gateway standard edition rev a",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.7"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.3"
},
{
"_id": null,
"model": "bind 9.5.0a5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ios 12.4xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "software vantio",
"scope": "eq",
"trust": 0.3,
"vendor": "nominum",
"version": "3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(21)"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.5"
},
{
"_id": null,
"model": "rta50i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "ios 12.4xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"_id": null,
"model": "matsumoto ruby -p230",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.11"
},
{
"_id": null,
"model": "network registar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1.5"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.0.2.8"
},
{
"_id": null,
"model": "networks junose p0-7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.18"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"_id": null,
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.7"
},
{
"_id": null,
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "rt60w",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"_id": null,
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "rt57i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "windows server itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.1"
},
{
"_id": null,
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"_id": null,
"model": "matsumoto ruby -p114",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "networks ensm enterprise nms",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-10.5"
},
{
"_id": null,
"model": "rt140p",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"_id": null,
"model": "matsumoto ruby -p287",
"scope": "ne",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"_id": null,
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
},
{
"_id": null,
"model": "wanjet",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1.10"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.2"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.02"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "matsumoto ruby -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"_id": null,
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.4"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "3,1 rc1",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "networks self-service web centric ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.5"
},
{
"_id": null,
"model": "access gateway standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "dnsmasq",
"scope": "eq",
"trust": 0.3,
"vendor": "dnsmasq",
"version": "2.4.1"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.04"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"_id": null,
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1"
},
{
"_id": null,
"model": "ios 12.3yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"_id": null,
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.9-2"
},
{
"_id": null,
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0.2"
},
{
"_id": null,
"model": "tru64 unix b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1.0"
},
{
"_id": null,
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "networks trail manager route advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "matsumoto ruby pre2",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"_id": null,
"model": "ios 12.4xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.2.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.4.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.1"
},
{
"_id": null,
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"_id": null,
"model": "ios 12.4xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "access gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5"
},
{
"_id": null,
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "netware sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "netware sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "computing sidewinder g2",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "6.1.0.01"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "ios 12.4xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rt105e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "ios 12.4sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rt140f",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"_id": null,
"model": "ios 12.3yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.1"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"_id": null,
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "rt56v",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "rtv700",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.2"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0"
},
{
"_id": null,
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "netware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.5"
},
{
"_id": null,
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.4"
},
{
"_id": null,
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rtw65i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rt300i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "bind p4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "gnu/*/linux 2.0-current",
"scope": null,
"trust": 0.3,
"vendor": "openwall",
"version": null
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.7"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "networks self-service wvads",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "secure name server",
"scope": "eq",
"trust": 0.3,
"vendor": "nixu",
"version": "1"
},
{
"_id": null,
"model": "matsumoto ruby pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"_id": null,
"model": "windows server web edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "ios 12.2yo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "river systems linux",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "0"
},
{
"_id": null,
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.8.7"
},
{
"_id": null,
"model": "ios 12.4xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"_id": null,
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "software caching name server",
"scope": "eq",
"trust": 0.3,
"vendor": "nominum",
"version": "3"
},
{
"_id": null,
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"_id": null,
"model": "rta55i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"_id": null,
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "matsumoto ruby -p72",
"scope": "ne",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.14"
},
{
"_id": null,
"model": "coat systems proxyra",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "coat systems proxyra",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "2.3.2.1"
},
{
"_id": null,
"model": "rtx1000",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.5"
},
{
"_id": null,
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0"
},
{
"_id": null,
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "1.2-par",
"scope": null,
"trust": 0.3,
"vendor": "pdnsd",
"version": null
},
{
"_id": null,
"model": "ios 12.3xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.2.4"
},
{
"_id": null,
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks nsna switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4050"
},
{
"_id": null,
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "netware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"_id": null,
"model": "rta52i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.0"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.02"
},
{
"_id": null,
"model": "computing sidewinder g2",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "6.1.0.02"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.4"
},
{
"_id": null,
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ios 12.2cz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"_id": null,
"model": "rtw65b",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"_id": null,
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.3"
},
{
"_id": null,
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "ios 12.3tpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.01"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"_id": null,
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "net-dns/dnsmasq",
"scope": "ne",
"trust": 0.3,
"vendor": "gentoo",
"version": "2.45"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"_id": null,
"model": "networks junose p0-6",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.3"
},
{
"_id": null,
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "netware sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"_id": null,
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.6"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.16"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.03"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "ios 12.3ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks self service voicexml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "ios 12.4xy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "rt140e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.01"
},
{
"_id": null,
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"_id": null,
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "networks optical trail manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1.7"
},
{
"_id": null,
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1.02"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1.01"
},
{
"_id": null,
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.04"
},
{
"_id": null,
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"_id": null,
"model": "ios 12.2tpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "matsumoto ruby -p231",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.1"
},
{
"_id": null,
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"_id": null,
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.02"
},
{
"_id": null,
"model": "matsumoto ruby -p21",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"_id": null,
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"_id": null,
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
},
{
"db": "NVD",
"id": "CVE-2008-5133"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:sun:opensolaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
}
]
},
"credits": {
"_id": null,
"data": "Dan Kaminsky",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
}
],
"trust": 0.6
},
"cve": "CVE-2008-5133",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2008-5133",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-5133",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800113",
"trust": 0.8,
"value": "27.54"
},
{
"author": "NVD",
"id": "CVE-2008-5133",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200811-293",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
},
{
"db": "NVD",
"id": "CVE-2008-5133"
}
]
},
"description": {
"_id": null,
"data": "ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Multiple vendors\u0027 implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. \nSuccessfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. \nThis issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\npdnsd DNS Cache Poisoning and Denial of Service\n\nSECUNIA ADVISORY ID:\nSA31847\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/31847/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\npdnsd 1.x\nhttp://secunia.com/advisories/product/9584/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in pdnsd, which can be\nexploited by malicious people to poison the DNS cache and cause a DoS\n(Denial of Service). \n\n1) A vulnerability is caused due to pdnsd not sufficiently\nrandomising the query port number, which can be exploited to poison\nthe DNS cache. \n\n2) An error exists within the \"p_exec_query()\" function in\nsrc/dns_query.c when processing long replies with many answer\nsections. This can be exploited to e.g. crash the service by sending\na specially crafted reply. \n\nThe vulnerabilities are reported in versions prior to version\n1.2.7-par. \n\nSOLUTION:\nUpdate to version 1.2.7-par. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) Dan Kaminsky, IOActive. \n2) Reported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog\n\nOTHER REFERENCES:\nUS-CERT VU#800113:\nhttp://www.kb.cert.org/vuls/id/800113\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5133"
},
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "PACKETSTORM",
"id": "70051"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2008-5133",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "32625",
"trust": 2.4
},
{
"db": "VUPEN",
"id": "ADV-2008-3129",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#800113",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971",
"trust": 0.8
},
{
"db": "SUNALERT",
"id": "245206",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200811-293",
"trust": 0.6
},
{
"db": "BID",
"id": "30131",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "31847",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "70051",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "PACKETSTORM",
"id": "70051"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
},
{
"db": "NVD",
"id": "CVE-2008-5133"
}
]
},
"id": "VAR-200807-0659",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38072691000000003
},
"last_update_date": "2026-03-09T21:24:34.870000Z",
"patch": {
"_id": null,
"data": [
{
"title": "245206",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
},
{
"db": "NVD",
"id": "CVE-2008-5133"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://secunia.com/advisories/32625"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/3129"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46721"
},
{
"trust": 0.8,
"url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3833"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2827"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3704"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3013"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4033"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_random.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_transmit.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/forgery.html"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/microsoftdns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind9dns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind8dns"
},
{
"trust": 0.8,
"url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
},
{
"trust": 0.8,
"url": "http://blogs.iss.net/archive/morednsnat.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/cert/jvnvu800113/"
},
{
"trust": 0.8,
"url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5133"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5133"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/3129"
},
{
"trust": 0.4,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
},
{
"trust": 0.4,
"url": "http://www.kb.cert.org/vuls/id/800113"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/isrs_available_for_bind_dns"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht3137"
},
{
"trust": 0.3,
"url": "http://blog.ncircle.com/blogs/sync/archives/2008/08/apple_dns_patch_fails_to_rando.html"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.5-p2"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.4.2-p2"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.5.0-p2"
},
{
"trust": 0.3,
"url": "http://www.bluecatnetworks.com/clientsupport/"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com"
},
{
"trust": 0.3,
"url": "http://www.tinydns.org/"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2008/07/on-dns-attacks-in-wild-and-journalistic.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html"
},
{
"trust": 0.3,
"url": "http://www.securebits.org/dnsmre.html"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/"
},
{
"trust": 0.3,
"url": "http://www.f5.com/"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx116762"
},
{
"trust": 0.3,
"url": "http://www.sec-consult.com/files/whitepaper-dns-node-redelegation.pdf"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/current/index.html#internet_system_consortium_releases_bind"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/default.mspx"
},
{
"trust": 0.3,
"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata42.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata43.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-464.php"
},
{
"trust": 0.3,
"url": "http://darkoz.com/?p=15"
},
{
"trust": 0.3,
"url": "http://www.bluecatnetworks.com/"
},
{
"trust": 0.3,
"url": "http://f5.com/products/firepass/"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "http://www.windriver.com/"
},
{
"trust": 0.3,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
},
{
"trust": 0.3,
"url": "http://www.zonealarm.com/"
},
{
"trust": 0.3,
"url": "/archive/1/500540"
},
{
"trust": 0.3,
"url": "/archive/1/495304"
},
{
"trust": 0.3,
"url": "/archive/1/494716"
},
{
"trust": 0.3,
"url": "/archive/1/494055"
},
{
"trust": 0.3,
"url": "/archive/1/495034"
},
{
"trust": 0.3,
"url": "/archive/1/494305"
},
{
"trust": 0.3,
"url": "/archive/1/494493"
},
{
"trust": 0.3,
"url": "/archive/1/494108"
},
{
"trust": 0.3,
"url": "/archive/1/494818"
},
{
"trust": 0.3,
"url": "/archive/1/495212"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-288.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx117991"
},
{
"trust": 0.3,
"url": "http://hypersonic.bluecoat.com/support/securityadvisories/dns_cache_poisoning"
},
{
"trust": 0.3,
"url": "http://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01660723"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04530690 "
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4z"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/956187.mspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx"
},
{
"trust": 0.3,
"url": "http://www1.alcatel-lucent.com/psirt/statements/2008003/dnscache.htm"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mapg-7g7nuc"
},
{
"trust": 0.3,
"url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=762152\u0026poid="
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=751322"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0789.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-240048-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-245206-1"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7000912\u0026sliceid=1"
},
{
"trust": 0.3,
"url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
},
{
"trust": 0.3,
"url": "http://up2date.astaro.com/2008/09/up2date_6314_released.html"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=4527"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx118183"
},
{
"trust": 0.1,
"url": "http://secunia.com/binary_analysis/sample_analysis/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31847/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/9584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "PACKETSTORM",
"id": "70051"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971"
},
{
"db": "NVD",
"id": "CVE-2008-5133"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"db": "BID",
"id": "30131",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70051",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200811-293",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001971",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2008-5133",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2008-07-08T00:00:00",
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"date": "2008-07-08T00:00:00",
"db": "BID",
"id": "30131",
"ident": null
},
{
"date": "2008-09-17T04:00:29",
"db": "PACKETSTORM",
"id": "70051",
"ident": null
},
{
"date": "2008-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200811-293",
"ident": null
},
{
"date": "2008-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001971",
"ident": null
},
{
"date": "2008-11-18T16:00:00.327000",
"db": "NVD",
"id": "CVE-2008-5133",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"date": "2015-04-13T21:35:00",
"db": "BID",
"id": "30131",
"ident": null
},
{
"date": "2008-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200811-293",
"ident": null
},
{
"date": "2008-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001971",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-5133",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Multiple DNS implementations vulnerable to cache poisoning",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200811-293"
}
],
"trust": 0.6
}
}
VAR-200707-0675
Vulnerability from variot - Updated: 2026-03-09 20:23The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". ISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. plural DNS There is a vulnerability in the implementation that makes cache poisoning attacks easier. Recent research has found a more efficient method of cash poisoning than previously known. DNS As a cache server, PC Please note that there is a possibility of attack. Cash poisoning attack forged response This is done by sending a packet. query The source port of the packet query By changing the value randomly every time, the probability of a successful cache poisoning attack can be reduced.By cash poisoning attack DNS Fake cache server DNS Information can be cached and DNS Nodes using the cache server may be directed to fake sites. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. And spoof the address returned by the DNS response. =========================================================== Ubuntu Security Notice USN-627-1 July 22, 2008 dnsmasq vulnerability CVE-2008-1447 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: dnsmasq-base 2.41-2ubuntu2.1
After a standard system upgrade you need to restart Dnsmasq to effect the necessary changes.
Details follow:
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq.
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.diff.gz
Size/MD5: 22023 89c0f060733a11e414ef1fa634b17149
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.dsc
Size/MD5: 698 e44ebdb66be7abcaba3f1558b9379abb
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig.tar.gz
Size/MD5: 357997 8d0acd6656299a800c4d1be5a1193e39
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1_all.deb
Size/MD5: 11962 fbe42757babf0522e92a48438cdf7d0b
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_amd64.deb
Size/MD5: 210032 015334862975edd0c6157624b9b4cd6b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_i386.deb
Size/MD5: 202466 87bebd172bae955ef2ae8f2de323a737
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_lpia.deb
Size/MD5: 202996 8938160f148e63de63cad64e2721c6d6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_powerpc.deb
Size/MD5: 210320 865aa2d674736978b2b00a8623267fc4
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_sparc.deb
Size/MD5: 204034 211f90a72d775d1987b6c3179786546f
.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
Download the free PSI BETA from the Secunia website: https://psi.secunia.com/
TITLE: BIND 8 Predictable DNS Query IDs Vulnerability
SECUNIA ADVISORY ID: SA26629
VERIFY ADVISORY: http://secunia.com/advisories/26629/
CRITICAL: Moderately critical
IMPACT: Spoofing
WHERE:
From remote
SOFTWARE: ISC BIND 8.x.x http://secunia.com/product/76/
DESCRIPTION: Amit Klein has reported a vulnerability in BIND, which can be exploited by malicious people to poison the DNS cache.
The vulnerability is caused due to predictable query IDs in outgoing queries (e.g.
Reportedly, the probability to guess the next query ID is between 25% and 43%, depending on the handled DNS traffic.
The vulnerability is reported in BIND 8.x versions prior to 8.4.7-P1.
SOLUTION: Update to BIND 8.4.7-P1.
NOTE: BIND 8.x has reached "End of Life". The vendor advises all users to upgrade to BIND 9.4.1-P1.
PROVIDED AND/OR DISCOVERED BY: Amit Klein
ORIGINAL ADVISORY: ISC: http://www.isc.org/index.pl?/sw/bind/bind8-eol.php
Trusteer: http://www.trusteer.com/docs/bind8dns.html
OTHER REFERENCES: US-CERT VU#927905: http://www.kb.cert.org/vuls/id/927905
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1619-2 security@debian.org http://www.debian.org/security/ Devin Carraway September 22, 2008 http://www.debian.org/security/faq
Package : python-dns Vulnerability : DNS response spoofing Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-1447 Debian Bug : 490217
In DSA-1619-1, an update was announced for DNS response spoofing vulnerabilities in python-dns. The fix introduced a regression in the library breaking the resolution of UTF-8 encoded record names. An updated release is available which corrects this problem. For reference, the original advisory text follows.
Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.
The Common Vulnerabilities and Exposures project identifies this class of weakness as CVE-2008-1447.
For the stable distribution (etch), these problems have been fixed in version 2.3.0-5.2+etch2.
We recommend that you upgrade your python-dns package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Debian (stable)
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.diff.gz Size/MD5 checksum: 3807 4c9dceefe0dfc4ee933f3c9298764153 http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz Size/MD5 checksum: 21084 82d377c6a59181072b30b0da4e9835b8 http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.dsc Size/MD5 checksum: 695 16b84a9d56bdd4baf5cdf1bf7e413521
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2_all.deb Size/MD5 checksum: 22972 59775332c3bb11b1408c83cf25b8e253
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFI1zZ3U5XKDemr/NIRAj/fAKDW30OzI8426TLokTZohgj5GNBa3wCg36qG 5+lokOAioaVH2Y4vJsDYM8o= =rINc -----END PGP SIGNATURE----- .
- The default value for query_port_start was set to 0, disabling UDP source port randomization for outgoing queries (CVE-2008-1447). The first issue can be exploited by enticing pdnsd to send a query to a malicious DNS server, or using the port randomization weakness, and might lead to a Denial of Service.
Workaround
Port randomization can be enabled by setting the "query_port_start" option to 1024 which would resolve the CVE-2008-1447 issue. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-17
http://security.gentoo.org/
Severity: Normal Title: Ruby: Multiple vulnerabilities Date: December 16, 2008 Bugs: #225465, #236060 ID: 200812-17
Synopsis
Multiple vulnerabilities have been discovered in Ruby that allow for attacks including arbitrary code execution and Denial of Service.
Background
Ruby is an interpreted object-oriented programming language. The elaborate standard library includes an HTTP server ("WEBRick") and a class for XML parsing ("REXML").
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/ruby < 1.8.6_p287-r1 >= 1.8.6_p287-r1
Description
Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws:
-
Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662).
-
Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663).
-
Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664).
-
Memory corruption ("REALLOC_N") in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2725).
-
Memory corruption ("beg + rlen") in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2726).
Furthermore, several other vulnerabilities have been reported:
-
Tanaka Akira reported an issue with resolv.rb that enables attackers to spoof DNS responses (CVE-2008-1447).
-
Akira Tagoh of RedHat discovered a Denial of Service (crash) issue in the rb_ary_fill() function in array.c (CVE-2008-2376).
-
Several safe level bypass vulnerabilities were discovered and reported by Keita Yamaguchi (CVE-2008-3655).
-
Christian Neukirchen is credited for discovering a Denial of Service (CPU consumption) attack in the WEBRick HTTP server (CVE-2008-3656).
-
A fault in the dl module allowed the circumvention of taintness checks which could possibly lead to insecure code execution was reported by "sheepman" (CVE-2008-3657).
-
Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial of Service (CPU consumption) vulnerability in the REXML module when dealing with recursive entity expansion (CVE-2008-3790).
Impact
These vulnerabilities allow remote attackers to execute arbitrary code, spoof DNS responses, bypass Ruby's built-in security and taintness checks, and cause a Denial of Service via crash or CPU exhaustion.
Workaround
There is no known workaround at this time.
Resolution
All Ruby users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.6_p287-r1"
References
[ 1 ] CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [ 2 ] CVE-2008-2376 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376 [ 3 ] CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 [ 4 ] CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 [ 5 ] CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 [ 6 ] CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 [ 7 ] CVE-2008-2726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 [ 8 ] CVE-2008-3655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655 [ 9 ] CVE-2008-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656 [ 10 ] CVE-2008-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657 [ 11 ] CVE-2008-3790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 [ 12 ] CVE-2008-3905 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-17.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Background
Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server.
- Carlos Carvalho reported that dnsmasq in the 2.43 version does not properly handle clients sending inform or renewal queries for unknown DHCP leases, leading to a crash (CVE-2008-3350).
Impact
A remote attacker could send spoofed DNS response traffic to dnsmasq, possibly involving generating queries via multiple vectors, and spoof DNS replies, which could e.g. lead to the redirection of web or mail traffic to malicious sites. Furthermore, an attacker could generate invalid DHCP traffic and cause a Denial of Service. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.8,
"vendor": "isc",
"version": "8"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.2.9"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluecat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "force10",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "funkwerk",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "infoblox",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nixu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nominum",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5 to v10.5.4"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5 to v10.5.4"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v1.1 to v2.0.2"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8624el"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8624ps"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8724sl"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8724sl v2"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8724xl"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8748sl"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8748xl"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8948xl"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9606sx/sc"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9606t"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9812t"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9816gb"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9924sp"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9924t/4sp"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9924ts"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar260s v2"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410 v2"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410s v2"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar415s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740s"
},
{
"_id": null,
"model": "switchblade4000",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"_id": null,
"model": "id gateway",
"scope": null,
"trust": 0.8,
"vendor": "internet initiative",
"version": null
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(sparc)"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.0"
},
{
"_id": null,
"model": "xr-1100",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.2 previous version"
},
{
"_id": null,
"model": "xr-410",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.9 previous version"
},
{
"_id": null,
"model": "xr-410-l2",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.1 previous version"
},
{
"_id": null,
"model": "xr-440",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.7.7 previous version"
},
{
"_id": null,
"model": "xr-510",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver3.5.3 previous version"
},
{
"_id": null,
"model": "xr-540",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver3.5.2 previous version"
},
{
"_id": null,
"model": "xr-640",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.7 previous version"
},
{
"_id": null,
"model": "xr-640-l2",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.1 previous version"
},
{
"_id": null,
"model": "xr-730",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver3.5.0 previous version"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"_id": null,
"model": "hp tru64 unix",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v 5.1b-3"
},
{
"_id": null,
"model": "hp tru64 unix",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v 5.1b-4"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"_id": null,
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"_id": null,
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"_id": null,
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"_id": null,
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt100i"
},
{
"_id": null,
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt102i"
},
{
"_id": null,
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt103i"
},
{
"_id": null,
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt200i"
},
{
"_id": null,
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt80i)"
},
{
"_id": null,
"model": "rt105 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt105i"
},
{
"_id": null,
"model": "rt105 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt105e"
},
{
"_id": null,
"model": "rt105 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt105p)"
},
{
"_id": null,
"model": "rt107e",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt140i"
},
{
"_id": null,
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt140e"
},
{
"_id": null,
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt140p"
},
{
"_id": null,
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt140f)"
},
{
"_id": null,
"model": "rt300i",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rt58i",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rta55i"
},
{
"_id": null,
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rta54i"
},
{
"_id": null,
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rta52i"
},
{
"_id": null,
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rta50i)"
},
{
"_id": null,
"model": "rtv series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rtv700"
},
{
"_id": null,
"model": "rtv series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rtv01)"
},
{
"_id": null,
"model": "rtw series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt60w"
},
{
"_id": null,
"model": "rtw series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rtw65i"
},
{
"_id": null,
"model": "rtw series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rtw65b)"
},
{
"_id": null,
"model": "rtx1000",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rtx1100",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rtx1500",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rtx2000",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "rtx3000",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "srt100",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "fitelnet-e series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-e20/e30"
},
{
"_id": null,
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f40"
},
{
"_id": null,
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f80/f100/f120/f140/f1000/f2000"
},
{
"_id": null,
"model": "ip38x series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ipcom series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#927905"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:aix",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:switchblade4000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:opensolaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-1100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-410",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-410-l2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-440",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-510",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-540",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-640",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-640-l2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:centurysys:xr-730",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:tru64",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rt",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rt105",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rt107e",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rt140",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rt300i",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rt58i_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rta",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtw",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtx1000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtx1100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtx1500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtx2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:rtx3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yamaha:srt100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix1000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fujitsu:ipcom",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
}
]
},
"credits": {
"_id": null,
"data": "Dan Kaminsky",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
}
],
"trust": 0.6
},
"cve": "CVE-2008-1447",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-1447",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-1447",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-31572",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2008-1447",
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-1447",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800113",
"trust": 0.8,
"value": "27.54"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#927905",
"trust": 0.8,
"value": "2.14"
},
{
"author": "NVD",
"id": "CVE-2008-1447",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200807-129",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-31572",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#927905"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"description": {
"_id": null,
"data": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\". ISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. plural DNS There is a vulnerability in the implementation that makes cache poisoning attacks easier. Recent research has found a more efficient method of cash poisoning than previously known. DNS As a cache server, PC Please note that there is a possibility of attack. Cash poisoning attack forged response This is done by sending a packet. query The source port of the packet query By changing the value randomly every time, the probability of a successful cache poisoning attack can be reduced.By cash poisoning attack DNS Fake cache server DNS Information can be cached and DNS Nodes using the cache server may be directed to fake sites. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. And spoof the address returned by the DNS response. =========================================================== \nUbuntu Security Notice USN-627-1 July 22, 2008\ndnsmasq vulnerability\nCVE-2008-1447\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n dnsmasq-base 2.41-2ubuntu2.1\n\nAfter a standard system upgrade you need to restart Dnsmasq to effect\nthe necessary changes. \n\nDetails follow:\n\nDan Kaminsky discovered weaknesses in the DNS protocol as implemented\nby Dnsmasq. \n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.diff.gz\n Size/MD5: 22023 89c0f060733a11e414ef1fa634b17149\n http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.dsc\n Size/MD5: 698 e44ebdb66be7abcaba3f1558b9379abb\n http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig.tar.gz\n Size/MD5: 357997 8d0acd6656299a800c4d1be5a1193e39\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1_all.deb\n Size/MD5: 11962 fbe42757babf0522e92a48438cdf7d0b\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_amd64.deb\n Size/MD5: 210032 015334862975edd0c6157624b9b4cd6b\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_i386.deb\n Size/MD5: 202466 87bebd172bae955ef2ae8f2de323a737\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_lpia.deb\n Size/MD5: 202996 8938160f148e63de63cad64e2721c6d6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_powerpc.deb\n Size/MD5: 210320 865aa2d674736978b2b00a8623267fc4\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_sparc.deb\n Size/MD5: 204034 211f90a72d775d1987b6c3179786546f\n\n\n. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nDownload the free PSI BETA from the Secunia website:\nhttps://psi.secunia.com/\n\n----------------------------------------------------------------------\n\nTITLE:\nBIND 8 Predictable DNS Query IDs Vulnerability\n\nSECUNIA ADVISORY ID:\nSA26629\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26629/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nISC BIND 8.x.x\nhttp://secunia.com/product/76/\n\nDESCRIPTION:\nAmit Klein has reported a vulnerability in BIND, which can be\nexploited by malicious people to poison the DNS cache. \n\nThe vulnerability is caused due to predictable query IDs in outgoing\nqueries (e.g. \n\nReportedly, the probability to guess the next query ID is between 25%\nand 43%, depending on the handled DNS traffic. \n\nThe vulnerability is reported in BIND 8.x versions prior to 8.4.7-P1. \n\nSOLUTION:\nUpdate to BIND 8.4.7-P1. \n\nNOTE: BIND 8.x has reached \"End of Life\". The vendor advises all\nusers to upgrade to BIND 9.4.1-P1. \n\nPROVIDED AND/OR DISCOVERED BY:\nAmit Klein\n\nORIGINAL ADVISORY:\nISC:\nhttp://www.isc.org/index.pl?/sw/bind/bind8-eol.php\n\nTrusteer:\nhttp://www.trusteer.com/docs/bind8dns.html\n\nOTHER REFERENCES:\nUS-CERT VU#927905:\nhttp://www.kb.cert.org/vuls/id/927905\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1619-2 security@debian.org\nhttp://www.debian.org/security/ Devin Carraway\nSeptember 22, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : python-dns\nVulnerability : DNS response spoofing\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-1447\nDebian Bug : 490217\n\nIn DSA-1619-1, an update was announced for DNS response spoofing\nvulnerabilities in python-dns. The fix introduced a regression in the\nlibrary breaking the resolution of UTF-8 encoded record names. An\nupdated release is available which corrects this problem. For\nreference, the original advisory text follows. \n\nMultiple weaknesses have been identified in PyDNS, a DNS client\nimplementation for the Python language. Dan Kaminsky identified a\npractical vector of DNS response spoofing and cache poisoning,\nexploiting the limited entropy in a DNS transaction ID and lack of\nUDP source port randomization in many DNS implementations. Scott\nKitterman noted that python-dns is vulnerable to this predictability,\nas it randomizes neither its transaction ID nor its source port. \nTaken together, this lack of entropy leaves applications using\npython-dns to perform DNS queries highly susceptible to response\nforgery. \n\nThe Common Vulnerabilities and Exposures project identifies this\nclass of weakness as CVE-2008-1447. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.3.0-5.2+etch2. \n\nWe recommend that you upgrade your python-dns package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.diff.gz\n Size/MD5 checksum: 3807 4c9dceefe0dfc4ee933f3c9298764153\n http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz\n Size/MD5 checksum: 21084 82d377c6a59181072b30b0da4e9835b8\n http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.dsc\n Size/MD5 checksum: 695 16b84a9d56bdd4baf5cdf1bf7e413521\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2_all.deb\n Size/MD5 checksum: 22972 59775332c3bb11b1408c83cf25b8e253\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFI1zZ3U5XKDemr/NIRAj/fAKDW30OzI8426TLokTZohgj5GNBa3wCg36qG\n5+lokOAioaVH2Y4vJsDYM8o=\n=rINc\n-----END PGP SIGNATURE-----\n. \n\n* The default value for query_port_start was set to 0, disabling UDP\n source port randomization for outgoing queries (CVE-2008-1447). The first issue\ncan be exploited by enticing pdnsd to send a query to a malicious DNS\nserver, or using the port randomization weakness, and might lead to a\nDenial of Service. \n\nWorkaround\n==========\n\nPort randomization can be enabled by setting the \"query_port_start\"\noption to 1024 which would resolve the CVE-2008-1447 issue. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200812-17\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Ruby: Multiple vulnerabilities\n Date: December 16, 2008\n Bugs: #225465, #236060\n ID: 200812-17\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Ruby that allow for\nattacks including arbitrary code execution and Denial of Service. \n\nBackground\n==========\n\nRuby is an interpreted object-oriented programming language. The\nelaborate standard library includes an HTTP server (\"WEBRick\") and a\nclass for XML parsing (\"REXML\"). \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-lang/ruby \u003c 1.8.6_p287-r1 \u003e= 1.8.6_p287-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the Ruby interpreter\nand its standard libraries. Drew Yao of Apple Product Security\ndiscovered the following flaws:\n\n* Arbitrary code execution or Denial of Service (memory corruption)\n in the rb_str_buf_append() function (CVE-2008-2662). \n\n* Arbitrary code execution or Denial of Service (memory corruption)\n in the rb_ary_stor() function (CVE-2008-2663). \n\n* Memory corruption via alloca in the rb_str_format() function\n (CVE-2008-2664). \n\n* Memory corruption (\"REALLOC_N\") in the rb_ary_splice() and\n rb_ary_replace() functions (CVE-2008-2725). \n\n* Memory corruption (\"beg + rlen\") in the rb_ary_splice() and\n rb_ary_replace() functions (CVE-2008-2726). \n\nFurthermore, several other vulnerabilities have been reported:\n\n* Tanaka Akira reported an issue with resolv.rb that enables\n attackers to spoof DNS responses (CVE-2008-1447). \n\n* Akira Tagoh of RedHat discovered a Denial of Service (crash) issue\n in the rb_ary_fill() function in array.c (CVE-2008-2376). \n\n* Several safe level bypass vulnerabilities were discovered and\n reported by Keita Yamaguchi (CVE-2008-3655). \n\n* Christian Neukirchen is credited for discovering a Denial of\n Service (CPU consumption) attack in the WEBRick HTTP server\n (CVE-2008-3656). \n\n* A fault in the dl module allowed the circumvention of taintness\n checks which could possibly lead to insecure code execution was\n reported by \"sheepman\" (CVE-2008-3657). \n\n* Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial\n of Service (CPU consumption) vulnerability in the REXML module when\n dealing with recursive entity expansion (CVE-2008-3790). \n\nImpact\n======\n\nThese vulnerabilities allow remote attackers to execute arbitrary code,\nspoof DNS responses, bypass Ruby\u0027s built-in security and taintness\nchecks, and cause a Denial of Service via crash or CPU exhaustion. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Ruby users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/ruby-1.8.6_p287-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-1447\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n [ 2 ] CVE-2008-2376\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376\n [ 3 ] CVE-2008-2662\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662\n [ 4 ] CVE-2008-2663\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663\n [ 5 ] CVE-2008-2664\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664\n [ 6 ] CVE-2008-2725\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725\n [ 7 ] CVE-2008-2726\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726\n [ 8 ] CVE-2008-3655\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655\n [ 9 ] CVE-2008-3656\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656\n [ 10 ] CVE-2008-3657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657\n [ 11 ] CVE-2008-3790\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790\n [ 12 ] CVE-2008-3905\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200812-17.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. \n\nBackground\n==========\n\nDnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP\nserver. \n\n* Carlos Carvalho reported that dnsmasq in the 2.43 version does not\n properly handle clients sending inform or renewal queries for unknown\n DHCP leases, leading to a crash (CVE-2008-3350). \n\nImpact\n======\n\nA remote attacker could send spoofed DNS response traffic to dnsmasq,\npossibly involving generating queries via multiple vectors, and spoof\nDNS replies, which could e.g. lead to the redirection of web or mail\ntraffic to malicious sites. Furthermore, an attacker could generate\ninvalid DHCP traffic and cause a Denial of Service. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1447"
},
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#927905"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "58910"
},
{
"db": "PACKETSTORM",
"id": "70207"
},
{
"db": "PACKETSTORM",
"id": "73732"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68546"
}
],
"trust": 3.78
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-31572",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#800113",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2008-1447",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "30980",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "31014",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "30925",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA08-190B",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA08-260A",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA08-190A",
"trust": 2.5
},
{
"db": "BID",
"id": "30131",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2008-2025",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-0297",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2334",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2383",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2113",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2558",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2019",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2377",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2584",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2342",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0622",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2166",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2051",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2092",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2029",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2384",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2268",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2052",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2549",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2197",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-0311",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2055",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2467",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2123",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2482",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2525",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2023",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2582",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2114",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2196",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2139",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2466",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2050",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2195",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2291",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2030",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020548",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020448",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020558",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020702",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020440",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020575",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020437",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020802",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020449",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020579",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020561",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020804",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020560",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020651",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020653",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020438",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020576",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31209",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31197",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31422",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31151",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31354",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31093",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31212",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31207",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31221",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31254",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31451",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31169",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30988",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30973",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31687",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31199",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31137",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30998",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31065",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31882",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31019",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31153",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31482",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31495",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33178",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33714",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31213",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31326",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31052",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31011",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31588",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31033",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31031",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30979",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31022",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31094",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31030",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31204",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31072",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31152",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31237",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31012",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33786",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31143",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31236",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31900",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30989",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31823",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "6130",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "6123",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "6122",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26629",
"trust": 1.0
},
{
"db": "CERT/CC",
"id": "VU#927905",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA08-190A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "68412",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "73060",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "73732",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "70207",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68546",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68038",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68118",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68502",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68061",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96747",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94774",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68199",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68183",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68068",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68500",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68360",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68543",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-65607",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31572",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58910",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69643",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#927905"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "58910"
},
{
"db": "PACKETSTORM",
"id": "70207"
},
{
"db": "PACKETSTORM",
"id": "73732"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68546"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"id": "VAR-200707-0675",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T20:23:02.481000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2008-09-12",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"
},
{
"title": "APPLE-SA-2008-09-15",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"title": "APPLE-SA-2008-07-31",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"title": "APPLE-SA-2008-09-09",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"
},
{
"title": "Security Update 2008-006",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3137"
},
{
"title": "Security Update 2008-005",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT2647"
},
{
"title": "iPod touch v2.1",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3026"
},
{
"title": "bind-9.3.3-10.4AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=140"
},
{
"title": "dnsmasq-2.45-1AXS3.1.1",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=345"
},
{
"title": "cisco-sa-20080708-dns",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
},
{
"title": "20080709",
"trust": 0.8,
"url": "http://www.furukawa.co.jp/fitelnet/topic/vulnera_20080709.html"
},
{
"title": "DNS cache poisoning",
"trust": 0.8,
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"
},
{
"title": "JVNVU800113",
"trust": 0.8,
"url": "http://www.centurysys.co.jp/support/xr_common/JVNVU800113.html"
},
{
"title": "HPSBUX02351",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01506861"
},
{
"title": "HPSBOV02357 SSRT080058",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01662368"
},
{
"title": "HPSBMP02404 SSRT090014",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01660723"
},
{
"title": "HPSBUX02358",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01527346"
},
{
"title": "IZ26672",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ26672"
},
{
"title": "IZ26667",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ26667"
},
{
"title": "IZ26668",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ26668"
},
{
"title": "IZ26671",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ26671"
},
{
"title": "IZ26670",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ26670"
},
{
"title": "IZ26669",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ26669"
},
{
"title": "4525",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4525"
},
{
"title": "4338",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4338"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.iij.ad.jp"
},
{
"title": "CERT VU#800113 DNS Cache Poisoning Issue",
"trust": 0.8,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"title": "956187",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/956187.mspx"
},
{
"title": "MS08-037",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS08-037.mspx"
},
{
"title": "1316",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1316"
},
{
"title": "1649",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1649"
},
{
"title": "1296",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1296"
},
{
"title": "1297",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1297"
},
{
"title": "NV08-008",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv08-008.html"
},
{
"title": "RHSA-2008:0789",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0789.html"
},
{
"title": "RHSA-2008:0533",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html"
},
{
"title": "VU800113",
"trust": 0.8,
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"
},
{
"title": "239392",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239392-1"
},
{
"title": "240048",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-240048-1"
},
{
"title": "dns_12",
"trust": 0.8,
"url": "http://fenics.fujitsu.com/products/support/2008/dns_12.html"
},
{
"title": "DNS\u306b\u95a2\u3059\u308b\u30ad\u30e3\u30c3\u30b7\u30e5\u30dd\u30a4\u30ba\u30cb\u30f3\u30b0\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20080813.html"
},
{
"title": "956187",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/advisory/956187.mspx"
},
{
"title": "MS08-037",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms08-037.mspx"
},
{
"title": "RHSA-2008:0533",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0533J.html"
},
{
"title": "RHSA-2008:0789",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0789J.html"
},
{
"title": "MS08-037e",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/security/bulletins/MS08-037e.mspx"
},
{
"title": "TLSA-2008-26",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/TLSA-2008-26j.txt"
},
{
"title": "TA08-190A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-190a.html"
},
{
"title": "TA08-190B",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-190b.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-331",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.8
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/30131"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190a.html"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/800113"
},
{
"trust": 2.3,
"url": "http://support.citrix.com/article/ctx117991"
},
{
"trust": 2.3,
"url": "http://support.citrix.com/article/ctx118183"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26667"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26668"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26669"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26671"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26672"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml"
},
{
"trust": 1.7,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht3026"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht3129"
},
{
"trust": 1.7,
"url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
},
{
"trust": 1.7,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231"
},
{
"trust": 1.7,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018"
},
{
"trust": 1.7,
"url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
},
{
"trust": 1.7,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7000912"
},
{
"trust": 1.7,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
},
{
"trust": 1.7,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
},
{
"trust": 1.7,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
},
{
"trust": 1.7,
"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0014.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1603"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1604"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1605"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1619"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1623"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/6122"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/6123"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/6130"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html"
},
{
"trust": 1.7,
"url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:139"
},
{
"trust": 1.7,
"url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
},
{
"trust": 1.7,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0002.txt"
},
{
"trust": 1.7,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0003.txt"
},
{
"trust": 1.7,
"url": "http://www.doxpara.com/?p=1176"
},
{
"trust": 1.7,
"url": "http://www.doxpara.com/dmk_bo2k8.ppt"
},
{
"trust": 1.7,
"url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
},
{
"trust": 1.7,
"url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
},
{
"trust": 1.7,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
},
{
"trust": 1.7,
"url": "http://www.openbsd.org/errata42.html#013_bind"
},
{
"trust": 1.7,
"url": "http://www.openbsd.org/errata43.html#004_bind"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0789.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020437"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020438"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020440"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020448"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020449"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020548"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020558"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020560"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020561"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020575"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020579"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020651"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020653"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020702"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020802"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020804"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30925"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30973"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30979"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30980"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30988"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30989"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30998"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31011"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31012"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31014"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31019"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31022"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31030"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31031"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31033"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31052"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31065"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31072"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31093"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31094"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31137"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31143"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31151"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31152"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31153"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31169"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31197"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31199"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31204"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31209"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31212"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31213"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31221"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31236"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31237"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31254"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31326"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31354"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31422"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31430"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31451"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31482"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31495"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31588"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31687"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31823"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31882"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31900"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33178"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33714"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33786"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-622-1"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-627-1"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2019/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2023/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2025/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2029/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2030/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2050/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2051/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2052/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2055/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2092/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2113/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2114/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2123/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2139/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2166/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2195/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2196/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2197/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2291"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2334"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2342"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2377"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2383"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2384"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2467"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2482"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2525"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2549"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2558"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2582"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/0297"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/0311"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0622"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/rfc3833"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/rfc2827"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/rfc3704"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
},
{
"trust": 1.6,
"url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
},
{
"trust": 1.6,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=762152"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
},
{
"trust": 1.6,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
},
{
"trust": 1.6,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447"
},
{
"trust": 0.9,
"url": "http://www.isc.org/index.pl?/sw/bind/bind8-eol.php"
},
{
"trust": 0.9,
"url": "http://www.trusteer.com/docs/bind8dns.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26629/"
},
{
"trust": 0.8,
"url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3013"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4033"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_random.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_transmit.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/forgery.html"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/microsoftdns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind9dns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind8dns"
},
{
"trust": 0.8,
"url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
},
{
"trust": 0.8,
"url": "http://blogs.iss.net/archive/morednsnat.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/cert/jvnvu800113/"
},
{
"trust": 0.8,
"url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/2019"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/2055"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/vuln/documents/2008/200812_dns.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200912_dns.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/vuln/documents/2008/200809_dns.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2008/at080013.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2008/at080014.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2014/at140016.html"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2014-04-15-portrandomization.html"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2014-05-30-poisoning-countermeasure-auth-1.pdf"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu800113/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-190a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-190b/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-190a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-190b/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1447"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/30925/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/31014/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/30980/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-190a.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/2009/20090212_155349.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.3,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.3,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.3,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;id=762152"
},
{
"trust": 0.1,
"url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=40"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=123324863916385\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879471518471\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121866517322103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121630706004256\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.539239"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.452680"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/927905"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/76/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch2.diff.gz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4194"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200901-03.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4194"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2376"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2662"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2726"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2376"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3655"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3905"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2664"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2662"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3656"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2663"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2664"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3655"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3905"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2726"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2725"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2725"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3657"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200809-02.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3350"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3350"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1_all.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.diff.gz"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#927905"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "58910"
},
{
"db": "PACKETSTORM",
"id": "70207"
},
{
"db": "PACKETSTORM",
"id": "73732"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68546"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#927905",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-31572",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68412",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58910",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70207",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "73732",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "73060",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "69643",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68546",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2008-1447",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2008-07-08T00:00:00",
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"date": "2007-08-28T00:00:00",
"db": "CERT/CC",
"id": "VU#927905",
"ident": null
},
{
"date": "2008-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31572",
"ident": null
},
{
"date": "2008-07-22T18:01:41",
"db": "PACKETSTORM",
"id": "68412",
"ident": null
},
{
"date": "2007-08-29T04:20:48",
"db": "PACKETSTORM",
"id": "58910",
"ident": null
},
{
"date": "2008-09-22T21:37:12",
"db": "PACKETSTORM",
"id": "70207",
"ident": null
},
{
"date": "2009-01-12T19:16:04",
"db": "PACKETSTORM",
"id": "73732",
"ident": null
},
{
"date": "2008-12-16T21:29:31",
"db": "PACKETSTORM",
"id": "73060",
"ident": null
},
{
"date": "2008-09-04T22:22:48",
"db": "PACKETSTORM",
"id": "69643",
"ident": null
},
{
"date": "2008-07-28T15:27:39",
"db": "PACKETSTORM",
"id": "68546",
"ident": null
},
{
"date": "2008-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200807-129",
"ident": null
},
{
"date": "2008-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001495",
"ident": null
},
{
"date": "2008-07-08T23:41:00",
"db": "NVD",
"id": "CVE-2008-1447",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"date": "2007-08-28T00:00:00",
"db": "CERT/CC",
"id": "VU#927905",
"ident": null
},
{
"date": "2020-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-31572",
"ident": null
},
{
"date": "2020-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200807-129",
"ident": null
},
{
"date": "2014-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001495",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-1447",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Multiple DNS implementations vulnerable to cache poisoning",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
}
],
"trust": 0.6
}
}
VAR-200804-0065
Vulnerability from variot - Updated: 2025-04-10 23:03Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request. Novell NetWare is prone to a denial-of-service vulnerability due to an unspecified error. Remote attackers can exploit this issue to deny service to legitimate users. The issue affects Novell NetWare 6.5; other versions may also be vulnerable. ----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
The vulnerability is caused due to an error when processing requests e.g.
The vulnerability is reported in version 6.5.
SOLUTION: Apply updates. http://download.novell.com/Download?buildid=u0MH4z5NQts~
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Novell (3842033): https://secure-support.novell.com/KanisaPlatform/Publishing/667/3842033_f.SAL_Public.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200804-0065",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iprint",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "6.5"
},
{
"model": "iprint client",
"scope": "eq",
"trust": 0.8,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp1.1",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "6.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.2"
},
{
"model": "netware sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
}
],
"sources": [
{
"db": "BID",
"id": "28561"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:novell:iprint",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor",
"sources": [
{
"db": "BID",
"id": "28561"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
}
],
"trust": 0.9
},
"cve": "CVE-2008-1701",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-1701",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-31826",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-1701",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-1701",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200804-100",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-31826",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31826"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request. Novell NetWare is prone to a denial-of-service vulnerability due to an unspecified error. \nRemote attackers can exploit this issue to deny service to legitimate users. \nThe issue affects Novell NetWare 6.5; other versions may also be vulnerable. ----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nThe vulnerability is caused due to an error when processing requests\ne.g. \n\nThe vulnerability is reported in version 6.5. \n\nSOLUTION:\nApply updates. \nhttp://download.novell.com/Download?buildid=u0MH4z5NQts~\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nNovell (3842033):\nhttps://secure-support.novell.com/KanisaPlatform/Publishing/667/3842033_f.SAL_Public.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1701"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "BID",
"id": "28561"
},
{
"db": "VULHUB",
"id": "VHN-31826"
},
{
"db": "PACKETSTORM",
"id": "65094"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1701",
"trust": 2.8
},
{
"db": "BID",
"id": "28561",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "29587",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1074",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1019750",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100",
"trust": 0.7
},
{
"db": "XF",
"id": "41588",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-31826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "65094",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31826"
},
{
"db": "BID",
"id": "28561"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "PACKETSTORM",
"id": "65094"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"id": "VAR-200804-0065",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31826"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:03:26.424000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.novell.com/home/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/667/3842033_f.sal_public.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/28561"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1019750"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29587"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1074/references"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41588"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1701"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1701"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/41588"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1074/references"
},
{
"trust": 0.3,
"url": "http://www.novell.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/29587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://download.novell.com/download?buildid=u0mh4z5nqts~"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/78/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31826"
},
{
"db": "BID",
"id": "28561"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "PACKETSTORM",
"id": "65094"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31826"
},
{
"db": "BID",
"id": "28561"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"db": "PACKETSTORM",
"id": "65094"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-04-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31826"
},
{
"date": "2008-04-01T00:00:00",
"db": "BID",
"id": "28561"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"date": "2008-04-03T04:45:58",
"db": "PACKETSTORM",
"id": "65094"
},
{
"date": "2008-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"date": "2008-04-08T18:05:00",
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31826"
},
{
"date": "2015-05-07T17:30:00",
"db": "BID",
"id": "28561"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004313"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200804-100"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-1701"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Novell NetWare Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004313"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200804-100"
}
],
"trust": 0.6
}
}
VAR-200202-0007
Vulnerability from variot - Updated: 2025-04-03 22:25Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. The resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. It is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
Original release date: February 12, 2002 Last revised: -- Source: CERT/CC
A complete revision history can be found at the end of this file.
Systems Affected
Products from a very wide variety of vendors may be affected. See Vendor Information for details from vendors who have provided feedback for this advisory.
In addition to the vendors who provided feedback for this advisory, a list of vendors whom CERT/CC contacted regarding these problems is available from http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186
Many other systems making use of SNMP may also be vulnerable but were not specifically tested.
In addition to this advisory, we also have an FAQ available at http://www.cert.org/tech_tips/snmp_faq.html
I. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts. The Oulu University Secure Programming Group (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous vulnerabilities in SNMPv1 implementations from many different vendors. More information about SNMP and OUSPG can be found in Appendix C
OUSPG's research focused on the manner in which SNMPv1 agents and managers handle request and trap messages. A trap message may indicate a warning or error condition or otherwise notify the manager about the agent's state. Request messages might be issued to obtain information from an agent or to instruct the agent to configure the host device.
Vulnerabilities in the decoding and subsequent processing of SNMP messages by both managers and agents may result in denial-of-service conditions, format string vulnerabilities, and buffer overflows. Some vulnerabilities do not require the SNMP message to use the correct SNMP community string.
These vulnerabilities have been assigned the CVE identifiers CAN-2002-0012 and CAN-2002-0013, respectively.
II.
III. Solution
Note that many of the mitigation steps recommended below may have significant impact on your everyday network operations and/or network architecture. Ensure that any changes made based on the following recommendations will not unacceptably affect your ongoing network operations capability.
Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. Please consult this appendix to determine if you need to contact your vendor directly.
Disable the SNMP service
As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP. Unfortunately, some of the affected products exhibited unexpected behavior or denial of service conditions when exposed to the OUSPG test suite even if SNMP was not enabled. In these cases, disabling SNMP should be used in conjunction with the filtering practices listed below to provide additional protection.
Ingress filtering
As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SNMP services at the network perimeter.
Ingress filtering manages the flow of traffic as it enters a network under your administrative control. Servers are typically the only machines that need to accept inbound traffic from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound traffic to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound traffic to non-authorized services. For SNMP, ingress filtering of the following ports can prevent attackers outside of your network from impacting vulnerable devices in the local network that are not explicitly authorized to provide public SNMP services.
snmp 161/udp # Simple Network Management Protocol (SNMP) snmp 162/udp # SNMP system management messages
The following services are less common, but may be used on some affected products
snmp 161/tcp # Simple Network Management Protocol (SNMP) snmp 162/tcp # SNMP system management messages smux 199/tcp # SNMP Unix Multiplexer smux 199/udp # SNMP Unix Multiplexer synoptics-relay 391/tcp # SynOptics SNMP Relay Port synoptics-relay 391/udp # SynOptics SNMP Relay Port agentx 705/tcp # AgentX snmp-tcp-port 1993/tcp # cisco SNMP TCP port snmp-tcp-port 1993/udp # cisco SNMP TCP port
As noted above, you should carefully consider the impact of blocking services that you may be using.
It is important to note that in many SNMP implementations, the SNMP daemon may bind to all IP interfaces on the device. This has important consequences when considering appropriate packet filtering measures required to protect an SNMP-enabled device. For example, even if a device disallows SNMP packets directed to the IP addresses of its normal network interfaces, it may still be possible to exploit these vulnerabilities on that device through the use of packets directed at the following IP addresses: * "all-ones" broadcast address * subnet broadcast address * any internal loopback addresses (commonly used in routers for management purposes, not to be confused with the IP stack loopback address 127.0.0.1)
Careful consideration should be given to addresses of the types mentioned above by sites planning for packet filtering as part of their mitigation strategy for these vulnerabilities.
Finally, sites may wish to block access to the following RPC services related to SNMP (listed as name, program ID, alternate names)
snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 snmpXdmid 100249
Please note that this workaround may not protect vulnerable devices from internal attacks.
Filter SNMP traffic from non-authorized internal hosts
In many networks, only a limited number of network management systems need to originate SNMP request messages. This can reduce, but not wholly eliminate, the risk from internal attacks. However, it may have detrimental effects on network performance due to the increased load imposed by the filtering, so careful consideration is required before implementation. Similar caveats to the previous workaround regarding broadcast and loopback addresses apply.
Change default community strings
Most SNMP-enabled products ship with default community strings of "public" for read-only access and "private" for read-write access. As with any known default access control mechanism, the CERT/CC recommends that network administrators change these community strings to something of their own choosing. However, even when community strings are changed from their defaults, they will still be passed in plaintext and are therefore subject to packet sniffing attacks. SNMPv3 offers additional capabilities to ensure authentication and privacy as described in RFC2574.
Because many of the vulnerabilities identified in this advisory occur before the community strings are evaluated, it is important to note that performing this step alone is not sufficient to mitigate the impact of these vulnerabilities. Nonetheless, it should be performed as part of good security practice.
Segregate SNMP traffic onto a separate management network
In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible. Although this would ideally involve physically separate networks, that kind of separation is probably not feasible in most environments. Mechanisms such as virtual LANs (VLANs) may be used to help segregate traffic on the same physical network. Note that VLANs may not strictly prevent an attacker from exploiting these vulnerabilities, but they may make it more difficult to initiate the attacks.
Another option is for sites to restrict SNMP traffic to separate virtual private networks (VPNs), which employ cryptographically strong authentication.
Note that these solutions may require extensive changes to a site's network architecture.
Egress filtering
Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound traffic to the Internet. In the case of SNMP vulnerabilities, employing egress filtering on the ports listed above at your network border can prevent your network from being used as a source for attacks on other sites.
Disable stack execution
Disabling executable stacks (on systems where this is configurable) can reduce the risk of "stack smashing" attacks based on these vulnerabilities. Although this does not provide 100 percent protection against exploitation of these vulnerabilities, it makes the likelihood of a successful exploit much smaller. On many UNIX systems, executable stacks can be disabled by adding the following lines to /etc/system:
set noexec_user_stack = 1 set noexec_user_stack_log = 1
Note that this may go against the SPARC and Intel ABIs and can be bypassed as required in programs with mprotect(2). For the changes to take effect you will then need to reboot.
Other operating systems and architectures also support the disabling of executable stacks either through native configuration parameters or via third-party software. Consult your vendor(s) for additional information.
Share tools and techniques
Because dealing with these vulnerabilities to systems and networks is so complex, the CERT/CC will provide a forum where administrators can share ideas and techniques that can be used to develop proper defenses. We have created an unmoderated mailing list for system and network administrators to discuss helpful techniques and tools.
You can subscribe to the mailing list by sending an email message to majordomo@cert.org. In the body of the message, type
subscribe snmp-forum
After you receive the confirmation message, follow the instructions in the message to complete the subscription process.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.
AdventNet
This is in reference to your notification regarding [VU#107186 and
VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this
behavior in their products and coded a Service Pack fix which is
currently in regression testing in AdventNet Inc.'s Q.A.
organization. The release of AdventNet Inc's. Service Pack
correcting the behavior outlined in VU#617947, and OUSPG#0100 is
scheduled to be generally available to all of AdventNet Inc.'s
customers by February 20, 2002.
Avaya
Avaya Inc.
CacheFlow
The purpose of this email is to advise you that CacheFlow Inc. has
provided a software update. Please be advised that updated versions
of the software are now available for all supported CacheFlow
hardware platforms, and may be obtained by CacheFlow customers at
the following URL:
http://download.cacheflow.com/
The specific reference to the software update is contained within the Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15 Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149.
RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm
RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm
* SR 1-1647517, VI 13045: This update modified a potential
vulnerability by using an SNMP test tools exploit.
3Com Corporation
A vulnerability to an SNMP packet with an invalid length community
string has been resolved in the following products. Customers
concerned about this weakness should ensure that they upgrade to
the following agent versions:
PS Hub 40
2.16 is due Feb 2002
PS Hub 50
2.16 is due Feb 2002
Dual Speed Hub
2.16 is due Jan 2002
Switch 1100/3300
2.68 is available now
Switch 4400
2.02 is available now
Switch 4900
2.04 is available now
WebCache1000/3000
2.00 is due Jan 2002
Caldera
Caldera International, Inc. has reproduced faulty behavior in
Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX
8. We have coded a software fix for supported versions of Caldera
UnixWare 7 and Caldera Open UNIX 8 that will be available from
our support site at http://stage.caldera.com/support/security
immediately following the publication of this CERT announcement. A
fix for supported versions of OpenServer 5 will be available at a
later date.
Cisco Systems
Cisco Systems is addressing the vulnerabilities identified by
VU#854306 and VU#107186 across its entire product line. Cisco will
publish a security advisory with further details at
http://www.cisco.com/go/psirt/.
Compaq Computer Corporation
x-ref: SSRT0779U SNMP
At the time of writing this document, COMPAQ continues to evaluate
this potential problem and when new versions of SNMP are available,
COMPAQ will implement solutions based on the new code. Compaq will
provide notice of any new patches as a result of that effort
through standard patch notification procedures and be available
from your normal Compaq Services support channel.
Computer Associates
Computer Associates has confirmed Unicenter vulnerability to the
SNMP advisory identified by CERT notification reference [VU#107186
& VU#854306] and OUSPG#0100. We have produced corrective
maintenance to address these vulnerabilities, which is in the
process of publication for all applicable releases / platforms and
will be offered through the CA Support site. Please contact our
Technical Support organization for information regarding
availability / applicability for your specific configuration(s).
COMTEK Services, Inc.
NMServer for AS/400 is not an SNMP master and is therefore not
vulnerable. However this product requires the use of the AS/400
SNMP master agent supplied by IBM.
NMServer for OpenVMS has been tested and has shown to be
vulnerable. COMTEK Services is preparing a new release of this
product (version 3.5) which will contain a fix for this problem.
This new release is scheduled to be available in February 2002.
Contact COMTEK Services for further information.
NMServer for VOS has not as yet been tested; vulnerability of this
agent is unknown. Contact for further information on the testing
schedule of the VOS product.
Covalent Technologies
Covalent Technologies ERS (Enterprise Ready Server), Secure Server,
and Conductor SNMP module are not vulnerable according to testing
performed in accordance with CERT recommendations. Security
information for Covalent products can be found at www.covalent.net
Dartware, LLC
Dartware, LLC (www.dartware.com) supplies two products that use
SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present
and past versions of these two software packages.
DMH Software
DMH Software is in the process of evaluating and attempting to
reproduce this behavior.
It is unclear at this point if our snmp-agent is sensitive to the
tests described above.
If any problems will be discovered, DMH Software will code a
software fix.
The release of DMH Software OS correcting the behavior outlined in
VU#854306, VU#107186, and OUSPG#0100 will be generally available to
all of DMH Software's customers as soon as possible.
EnGarde Secure Linux
EnGarde Secure Linux did not ship any SNMP packages in version
1.0.1 of our distribution, so we are not vulnerable to either bug.
FreeBSD
FreeBSD does not include any SNMP software by default, and so is
not vulnerable. However, the FreeBSD Ports Collection contains the
UCD-SNMP / NET-SNMP package. Package versions prior to
ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release
will ship the corrected version of the UCD-SNMP / NET-SNMP
package. In addition, the corrected version of the packages is
available from the FreeBSD mirrors.
FreeBSD has issued the following FreeBSD Security Advisory
regarding the UCD-SNMP / NET-SNMP package:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.
snmp.asc.
Hewlett-Packard Company
SUMMARY - known vulnerable:
========================================
hp procurve switch 2524
NNM (Network Node Manager)
JetDirect Firmware (Older versions only)
HP-UX Systems running snmpd or OPENVIEW
MC/ServiceGuard
EMS
Still under investigation:
SNMP/iX (MPE/iX)
========================================
_________________________________________________________
---------------------------------------------------------
hp procurve switch 2524
---------------------------------------------------------
hp procurve switch 2525 (product J4813A) is vulnerable to some
issues, patches in process. Watch for the associated HP
Security Bulletin.
---------------------------------------------------------
NNM (Network Node Manager)
---------------------------------------------------------
Some problems were found in NNM product were related to
trap handling. Patches in process. Watch for the
associated HP Security Bulletin.
---------------------------------------------------------
JetDirect Firmware (Older versions only)
---------------------------------------------------------
ONLY some older versions of JetDirect Firmware are
vulnerable to some of the issues. The older firmware
can be upgraded in most cases, see list below.
JetDirect Firmware Version State
========================== =====
X.08.32 and higher NOT Vulnerable
X.21.00 and higher NOT Vulnerable
JetDirect Product Numbers that can be freely
upgraded to X.08.32 or X.21.00 or higher firmware.
EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)
J3110A 10T
J3111A 10T/10B2/LocalTalk
J3112A Token Ring (discontinued)
J3113A 10/100 (discontinued)
J4169A 10/100
J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
J2550A/B 10T (discontinued)
J2552A/B 10T/10Base2/LocalTalk (discontinued)
J2555A/B Token Ring (discontinued)
J4100A 10/100
J4105A Token Ring
J4106A 10T
External Print Servers
J2591A EX+ (discontinued)
J2593A EX+3 10T/10B2 (discontinued)
J2594A EX+3 Token Ring (discontinued)
J3263A 300X 10/100
J3264A 500X Token Ring
J3265A 500X 10/100
----------------------------------------------------------
HP-UX Systems running snmpd or OPENVIEW
----------------------------------------------------------
The following patches are available now:
PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch
PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated
Patch
All three patches are available from:
http://support.openview.hp.com/cpe/patches/
In addition PHSS_26137 and PHSS_26138 will soon be available from:
http://itrc.hp.com
================================================================
NOTE: The patches are labeled OV(Open View). However, the patches
are also applicable to systems that are not running Open View.
=================================================================
Any HP-UX 10.X or 11.X system running snmpd or snmpdm is
vulnerable.
To determine if your HP-UX system has snmpd or snmpdm installed:
swlist -l file | grep snmpd
If a patch is not available for your platform or you cannot install
an available patch, snmpd and snmpdm can be disabled by removing
their
entries from /etc/services and removing the execute permissions
from
/usr/sbin/snmpd and /usr/sbin/snmpdm.
----------------------------------------------------------------
Investigation completed, systems vulnerable.
----------------------------------------------------------------
MC/ServiceGuard
Event Monitoring System (EMS)
----------------------------------------------------------------
Still under investigation:
----------------------------------------------------------------
SNMP/iX (MPE/iX)
Hirschmann Electronics GmbH & Co. KG
Hirschmann Electronics GmbH & Co. KG supplies a broad range of
networking products, some of which are affected by the SNMP
vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence
Center (phone +49-7127-14-1538, email:
ans-support@nt.hirschmann.de) for additional information,
especially regarding availability of latest firmware releases
addressing the SNMP vulnerabilities.
IBM Corporation
Based upon the results of running the test suites we have
determined that our version of SNMP shipped with AIX is NOT
vulnerable.
Innerdive Solutions, LLC
Innerdive Solutions, LLC has two SNMP based products:
1. The "SNMP MIB Scout"
(http://www.innerdive.com/products/mibscout/)
2. The "Router IP Console" (http://www.innerdive.com/products/ric/)
The "SNMP MIB Scout" is not vulnerable to either bug.
The "Router IP Console" releases prior to 3.3.0.407 are vulnerable.
The release of "Router IP Console" correcting the behavior outlined
in OUSPG#0100 is 3.3.0.407 and is already available on our site.
Also, we will notify all our customers about this new release no
later than March 5, 2002.
Juniper Networks
This is in reference to your notification regarding CAN-2002-0012
and CAN-2002-0013. Juniper Networks has reproduced this behavior
and coded a software fix. The fix will be included in all releases
of JUNOS Internet software built after January 5, 2002. Customers
with current support contracts can download new software with the
fix from Juniper's web site at www.juniper.net.
Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can
only be reproduced in JUNOS Internet software if certain tracing
options are enabled. These options are generally not enabled in
production routers.
Lantronix, Inc.
Lantronix is committed to resolving security issues with our
products. The SNMP security bug you reported has been fixed in LRS
firmware version B1.3/611(020123).
Lotus Development Corporation
Lotus Software evaluated the Lotus Domino Server for
vulnerabilities using the test suite materials provided by OUSPG.
This problem does not affect default installations of the Domino
Server. However, SNMP agents can be installed from the CD to
provide SNMP services for the Domino Server (these are located in
the /apps/sysmgmt/agents directory). The optional platform
specific master and encapsulator agents included with the Lotus
Domino SNMP Agents for HP-UX and Solaris have been found to be
vulnerable. For those platforms, customers should upgrade to
version R5.0.1 a of the Lotus Domino SNMP Agents, available for
download from the Lotus Knowledge Base on the IBM Support Web Site
(http://www.ibm.com/software/lotus/support/). Please refer to
Document #191059, "Lotus Domino SNMP Agents R5.0.1a", also in the
Lotus Knowledge Base, for more details.
LOGEC Systems Inc
The products from LOGEC Systems are exposed to SNMP only via HP
OpenView. We do not have an implementation of SNMP ourselves. As
such, there is nothing in our products that would be an issue with
this alert.
Lucent
Lucent is aware of reports that there is a vulnerability in certain
implementations of the SNMP (Simple Network Management Protocol)
code that is used in data switches and other hardware throughout
the telecom industry.
As soon as we were notified by CERT, we began assessing our product
portfolio and notifying customers with products that might be
affected.
Our 5ESS switch and most of our optical portfolio were not
affected. Our core and edge ATM switches and most of our edge
access products are affected, but we have developed, tested, and
deployed fixes for many of those products to our customers.
We consider the security and reliability of our customers' networks
to be one of our critical measures of success. We take every
reasonable measure to ensure their satisfaction.
In addition, we are working with customers on ways to further
enhance the security they have in place today.
Marconi
Marconi supplies a broad range of telecommunications and related
products, some of which are affected by the SNMP vulnerabilities
identified here. Those
Marconi customers with support entitlement may contact the
appropriate Technical Assistance Center (TAC) for additional
information. Those not under support entitlement may contact their
sales representative.
Microsoft Corporation
The Microsoft Security Reponse [sic] Center has investigated this
issue, and provides the following information. The SNMP v1 service is not installed or running by
default on any version of Windows. A patch is underway to eliminate
the vulnerability. In the meantime, we recommend that affected
customers disable the SNMP v1 service.
Details:
An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE.
It is not installed or running by default on any of these
platforms. An SNMP v1 is NOT provided for Windows ME. However, it
is possible that Windows 98 machines which had the service
installed and were upgraded would still have the service. Since
SNMP is not supported for WinME, customers in this situation are
urged to remove the SNMP service.
An SNMP v1 service is available on Windows NT 4.0 (including
Terminal Server Edition) and Windows 2000 but is not installed or
running by default on any of these platforms.Windows XP does not
ship with an SNMP v1 service.
Remediation:
A patch is underway for the affected platforms, and will be
released shortly. In the meantime, Microsoft recommends that
customers who have the SNMP v1 service running disable it to
protect their systems. Following are instruction for doing this:
Windows 95, 98 and 98SE:
1. In Control Panel, double-click Network.
2. On the Configuration tab, select Microsoft SNMP Agent from the
list of installed components.
3. Click Remove
Check the following keys and confirm that snmp.exe is not listed.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer
vices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
For Windows XP:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
For Windows NT 4.0 (including Terminal Server Edition):
1. Select Start, then Settings.
2. Select Control Panel, then click on the Services Icon
3. Locate SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close Control Panel
Windows 2000:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
Multinet
MultiNet and TCPware customers should contact Process Software to
check for the availability of patches for this issue. A couple of
minor problems were found and fixed, but there is no security risk
related to the SNMP code included with either product.
Netaphor
NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP
Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,
two Java based products that may be affected by the SNMP
vulnerabilities identified here. The manner in which they are
affected and the actions required (if any) to avoid being impacted
by exploitation of these vulnerabilities, may be obtained by
contacting Netaphor via email at info@netaphor.com Customers with
annual support may contact support@netaphor.com directly. Those not
under support entitlement may contact Netaphor sales:
sales@netaphor.com or (949) 470 7955 in USA.
NetBSD
NetBSD does not ship with any SNMP tools in our 'base' releases. We
do provide optional packages which provide various support for
SNMP. These packages are not installed by default, nor are they
currently provided as an install option by the operating system
installation tools. A system administrator/end-user has to manually
install this with our package management tools. These SNMP packages
include:
+ netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for
netsaint)
+ p5-Net-SNMP-3.60 (perl5 module for SNMP queries)
+ p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP
library
+ p5-SNMP_Session-0.83 (perl5 module providing rudimentary
access to remote SNMP agents)
+ ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.1.2)
+ ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.2.1)
We do provide a software monitoring mechanism called
'audit-packages', which allows us to highlight if a package with a
range of versions has a potential vulnerability, and recommends
that the end-user upgrade the packages in question.
Netscape Communications Corporation
Netscape continues to be committed to maintaining a high level of
quality in our software and service offerings. Part of this
commitment includes prompt response to security issues discovered
by organizations such as the CERT Coordination Center.
According to a recent CERT/CC advisory, The Oulu University Secure
Programming Group (OUSPG) has reported numerous vulnerabilities in
multiple vendor SNMPv1 implementations.
We have carefully examined the reported findings, performing the
tests suggested by the OUSPG to determine whether Netscape server
products were subject to these vulnerabilities. It was determined
that several products fell into this category. As a result, we have
created fixes which will resolve the issues, and these fixes will
appear in future releases of our product line. To Netscape's
knowledge, there are no known instances of these vulnerabilities
being exploited and no customers have been affected to date.
When such security warnings are issued, Netscape has committed to -
and will continue to commit to - resolving these issues in a prompt
and timely fashion, ensuring that our customers receive products of
the highest quality and security.
NET-SNMP
All ucd-snmp version prior to 4.2.2 are susceptible to this
vulnerability and users of versions prior to version 4.2.2 are
encouraged to upgrade their software as soon as possible
(http://www.net-snmp.org/download/). Version 4.2.2 and higher are
not susceptible.
Network Associates
PGP is not affected, impacted, or otherwise related to this VU#.
Network Computing Technologies
Network Computing Technologies has reviewed the information
regarding SNMP vulnerabilities and is currently investigating the
impact to our products.
Nokia
This vulnerability is known to affect IPSO versions 3.1.3, 3.3,
3.3.1, 3.4, and 3.4.1. Patches are currently available for
versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia
website. In addition, version 3.4.2 shipped with the patch
incorporated, and the necessary fix will be included in all future
releases of IPSO.
We recommend customers install the patch immediately or follow the
recommended precautions below to avoid any potential exploit.
If you are not using SNMP services, including Traps, simply disable
the SNMP daemon to completely eliminate the potential
vulnerability.
If you are using only SNMP Traps and running Check Point
FireWall-1, create a firewall policy to disallow incoming SNMP
messages on all appropriate interfaces. Traps will continue to work
normally.
Nortel Networks
The CERT Coordination Center has issued a broad based alert to the
technology industry, including Nortel Networks, regarding potential
security vulnerabilities identified in the Simple Network
Management Protocol (SNMP), a common networking standard. The
company is working with CERT and other network equipment
manufacturers, the U.S. Government, service providers, and software
suppliers to assess and address this issue.
Novell
Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x
and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on
NetWare are fixed and will be available through NetWare 6 Support
Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available at
http://support.novell.com/tools/csp/
OpenBSD
OpenBSD does not ship SNMP code.
Qualcomm
WorldMail does not support SNMP by default, so customers who run
unmodified installations are not vulnerable.
Redback Networks, Inc.
Redback Networks, Inc. has identified that the vulnerability in
question affects certain versions of AOS software on the SMS 500,
SMS 1800, and SMS 10000 platforms, and is taking the appropriate
steps necessary to correct the issue.
Red Hat
RedHat has released a security advisiory [sic] at
http://www.redhat.com/support/errata/RHSA-2001-163.html
with updated versions of the ucd-snmp package for all supported
releases and architectures. For more information or to download the
update please visit this page.
SGI
SGI acknowledges the SNMP vulnerabilities reported by CERT and is
currently investigating.
For the protection of all our customers, SGI does not disclose,
discuss or confirm vulnerabilities until a full investigation has
occurred and any necessary patch(es) or release streams are
available for all vulnerable and supported IRIX operating systems.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable
and take appropriate steps according to local site security
policies and requirements. As further information becomes
available, additional advisories will be issued via the normal SGI
security information distribution methods including the wiretap
mailing list on http://www.sgi.com/support/security/.
SNMP Research International
SNMP Research has made the following vendor statement. They are
likely to revise and expand the statement as the date for the
public vulnerability announcement draws nearer. Users maintaining
earlier releases should update to the current release if they have
not already done so. Other Stonesoft's products are
still under investigation.
Sun's SNMP product, Solstice Enterprise Agents (SEA), described
here:
http://www.sun.com/solstice/products/ent.agents/
is affected by VU#854306 but not VU#107186. More specifically the
main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8.
Sun is currently generating patches for this issue and will be
releasing a Sun Security Bulletin once the patches are available.
The bulletin will be available from:
http://sunsolve.sun.com/security. Sun patches are available from:
http://sunsolve.sun.com/securitypatch.
Symantec Corporation
Symantec Corporation has investigated the SNMP issues identified by
the OUSPG test suite and determined that Symantec products are not
susceptable [sic] to these issues.
TANDBERG
Tandberg have run all the testcases found the PROTOS test-suie
[sic], c06snmpv1:
1. c06-snmpv1-trap-enc-pr1.jar
2. c06-snmpv1-treq-app-pr1.jar
3. c06-snmpv1-trap-enc-pr1.jar
4. c06-snmpv1-req-app-pr1.jar
The tests were run with standard delay time between the requests
(100ms), but also with a delay of 1ms. The tests applies to all
TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The
software tested on these products were B4.0 (our latest software)
and no problems were found when running the test suite.
Appendix B. - References 1. http://www.ee.oulu.fi/research/ouspg/protos/ 2. http://www.kb.cert.org/vuls/id/854306 3. http://www.kb.cert.org/vuls/id/107186 4. http://www.cert.org/tech_tips/denial_of_service.html 5. http://www.ietf.org/rfc/rfc1067.txt 6. http://www.ietf.org/rfc/rfc1089.txt 7. http://www.ietf.org/rfc/rfc1140.txt 8. http://www.ietf.org/rfc/rfc1155.txt 9. http://www.ietf.org/rfc/rfc1156.txt 10. http://www.ietf.org/rfc/rfc1215.txt 11. http://www.ietf.org/rfc/rfc1270.txt 12. http://www.ietf.org/rfc/rfc1352.txt
Appendix C. - Background Information
Background Information on the OUSPG
OUSPG is an academic research group located at Oulu University in
Finland. The purpose of this research group is to test software
for vulnerabilities.
History has shown that the techniques used by the OUSPG have
discovered a large number of previously undetected problems in the
products and protocols they have tested. In 2001, the OUSPG
produced a comprehensive test suite for evaluating implementations
of the Lightweight Directory Access Protocol (LDAP). This test
suite was developed with the strategy of abusing the protocol in
unsupported and unexpected ways, and it was very effective in
uncovering a wide variety of vulnerabilities across several
products. This approach can reveal vulnerabilities that would not
manifest themselves under normal conditions.
After completing its work on LDAP, OUSPG moved its focus to
SNMPv1. As with LDAP, they designed a custom test suite, began
testing a selection of products, and found a number of
vulnerabilities. Because OUSPG's work on LDAP was similar in
procedure to its current work on SNMP, you may wish to review the
LDAP Test Suite and CERT Advisory CA-2001-18, which outlined
results of application of the test suite.
In order to test the security of protocols like SNMPv1, the PROTOS
project presents a server with a wide variety of sample packets
containing unexpected values or illegally formatted data. As a
member of the PROTOS project consortium, the OUSPG used the PROTOS
c06-snmpv1 test suite to study several implementations of the
SNMPv1 protocol. Software and
firmware products designed for networks often make use of the SNMP
protocol. SNMP runs on a multitude of devices and operating
systems, including, but not limited to,
+ Core Network Devices (Routers, Switches, Hubs, Bridges, and
Wireless Network Access Points)
+ Operating Systems
+ Consumer Broadband Network Devices (Cable Modems and DSL
Modems)
+ Consumer Electronic Devices (Cameras and Image Scanners)
+ Networked Office Equipment (Printers, Copiers, and FAX
Machines)
+ Network and Systems Management/Diagnostic Frameworks (Network
Sniffers and Network Analyzers)
+ Uninterruptible Power Supplies (UPS)
+ Networked Medical Equipment (Imaging Units and Oscilloscopes)
+ Manufacturing and Processing Equipment
The SNMP protocol is formally defined in RFC1157. Quoting from
that RFC:
Implicit in the SNMP architectural model is a collection
of network management stations and network elements.
Network management stations execute management
applications which monitor and control network elements.
Network elements are devices such as hosts, gateways,
terminal servers, and the like, which have management
agents responsible for performing the network management
functions requested by the network management stations.
Additionally, SNMP is discussed in a number of other RFC
documents:
+ RFC 3000 Internet Official Protocol Standards
+ RFC 1212 Concise MIB Definitions
+ RFC 1213 Management Information Base for Network Management
of TCP/IP-based Internets: MIB-II
+ RFC 1215 A Convention for Defining Traps for use with the
SNMP
+ RFC 1270 SNMP Communications Services
+ RFC 2570 Introduction to Version 3 of the Internet-standard
Network Management Framework
+ RFC 2571 An Architecture for Describing SNMP Management
Frameworks
+ RFC 2572 Message Processing and Dispatching for the Simple
Network Management Protocol (SNMP)
+ RFC 2573 SNMP Applications
+ RFC 2574 User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)
+ RFC 2575 View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP)
+ RFC 2576 Coexistence between Version 1, Version 2, and
Version 3 of the Internet-standard Network Management
Framework
_____________________________________________________________
The CERT Coordination Center thanks the Oulu University Secure
Programming Group for reporting these vulnerabilities to us, for
providing detailed technical analyses, and for assisting us in
preparing this advisory. We also thank Steven M. Bellovin (AT&T
Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP
Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),
Rob Thomas, Blue Boar (Thievco), and the many others who
contributed to this document.
_____________________________________________________________
Feedback on this document can be directed to the authors, Ian A.
Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D.
Householder, Marty Lindner, and Art Manion.
__________________________________________________________________
This document is available from:
http://www.cert.org/advisories/CA-2002-03.html
__________________________________________________________________
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /
EDT(GMT-4) Monday through Friday; they are on call for emergencies
during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by
email. Our public PGP key is available from
http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more
information.
Getting security information
CERT publications and other security information are available
from our web site
http://www.cert.org/
To subscribe to the CERT mailing list for advisories and
bulletins, send email to majordomo@cert.org. Please include in the
body of your message
subscribe cert-advisory
* "CERT" and "CERT Coordination Center" are registered in the U.S.
Patent and Trademark Office.
__________________________________________________________________
NO WARRANTY
Any material furnished by Carnegie Mellon University and the
Software Engineering Institute is furnished on an "as is" basis.
Carnegie Mellon University makes no warranties of any kind, either
expressed or implied as to any matter including, but not limited
to, warranty of fitness for a particular purpose or
merchantability, exclusivity or results obtained from use of the
material. Carnegie Mellon University does not make any warranty of
any kind with respect to freedom from patent, trademark, or
copyright infringement.
_____________________________________________________________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
February 12, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr uZiMJ5f2SEo= =h42e -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200202-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": "ne",
"trust": 5.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": "ne",
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "ios 12.0 xe",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 dc2",
"scope": "ne",
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "snmp",
"version": "*"
},
{
"model": "windows 98se",
"scope": null,
"trust": 0.9,
"vendor": "microsoft",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0 s6",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (workstation)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ios 12.0 s7",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 xe?",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 wc1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xu",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "ios 12.1 ex",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "snmp",
"scope": null,
"trust": 0.6,
"vendor": "snmp",
"version": null
},
{
"model": "sunnet manager sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunnet manager intel",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunmc rr",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1.1"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "emulex 1gbit fibrechannel hub",
"scope": null,
"trust": 0.3,
"vendor": "sgi",
"version": null
},
{
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.1.3"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "gzip",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "3.1.02"
},
{
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.5"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.21"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.19"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.18"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.17"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.16"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.15"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.20"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.10"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.09"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.08"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.07"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.06"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.05"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.04"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.03"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.02"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"model": "cacheos",
"scope": null,
"trust": 0.3,
"vendor": "cacheflow",
"version": null
},
{
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"model": "ipso",
"scope": "ne",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.2"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "ios 12.0 wc 2900xl-lre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4700"
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7"
},
{
"model": "as5850",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ca1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(4.206)"
},
{
"model": "netranger sensor",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "as5200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vg248 analog phone gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2gs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7750"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(8)"
},
{
"model": "ios 12.0 wt6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1"
},
{
"model": "traffic director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ios 12.1 e5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ya2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5300",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "cbos b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 11.1 cc4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 aa4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "39203.0(7)"
},
{
"model": "secure ids network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7100"
},
{
"model": "cva120",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst native mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "ios 12.1 ea1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2sa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1005"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.015"
},
{
"model": "ios 12.2 mx1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1.200)"
},
{
"model": "bpx/igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10700"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "distributed director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2501"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "ios 12.1 yi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "ios 12.1 ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(7.202)"
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232"
},
{
"model": "ios 12.1 ec",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool vlan policy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "ios 11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8240",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7010"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst hybrid mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ios 12.0 wc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1)"
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "snmpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "ios 12.0 st5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ios 12.0 sl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.2"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 db2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "ios 12.1 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ios 12.0 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "catalyst msm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nsp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "info center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ios 12.0 wx5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "arrowpoint cs11000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure ids host sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "ios 11.1 ct",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr7200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ia",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 t12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1548"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 sx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.0 st",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8510csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xz7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2920"
},
{
"model": "ios 12.1 ea1b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "as5800",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 p2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6200"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1700"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "ios 12.1 e7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "ios 12.2 t1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 xa5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.1"
},
{
"model": "ios 12.1 ew1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ca",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.053"
},
{
"model": "catalyst 2948g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "ios 12.2 mb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ios 12.2 t0a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "ios 12.0 wc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sl6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5400",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "ios 12.0 wc2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1400"
},
{
"model": "ios 12.1 yb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(3)"
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.0 sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.8"
},
{
"model": "ubr900",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(2)"
},
{
"model": "ios 12.2 xb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 t2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 sa6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sc2200/vsc3000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wan manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "infocenter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "570"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 bc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ex",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8260",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "ios 12.2 xj1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bc1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 12.1 xm7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "catalyst supervisor module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ap352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7600"
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(7)xv"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3.210)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "505"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "netranger",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ex3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "ios 12.2 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "ios 12.0 st3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4500"
},
{
"model": "ios 12.2 xw1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 da3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons metro edge optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15327"
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microhub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1500"
},
{
"model": "ios 12.2 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232-13"
},
{
"model": "ios 11.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "mgx-8220",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "element management framework",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "catalyst 4908g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wgb340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios 12.0 s2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 gs6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "ios 12.0 xf1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "rsfc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "ios 12.1 ec1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "ios 11.1 ca2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure pix firewall",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "ios 12.2 xi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "wgb352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cat6k nam",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4001.0"
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.1 ea2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rsm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nrp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.4"
},
{
"model": "ws-x6608",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1600"
},
{
"model": "ios 12.1 xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xs?",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.9"
},
{
"model": "catalyst 8510msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
},
{
"model": "ios 12.2 ya1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "service expansion shelf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios 12.0 xe1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8110"
},
{
"model": "ios 12.1 ex4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 11.1ct",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.1 xp",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7300"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.2 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "esr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "ls1010 atm switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 dc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7.002"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "ios 12.1 xi8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "ios 11.3 db1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "800"
},
{
"model": "mc3810",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1cc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7200"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "catalyst 4912g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "cbos ap",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:aix",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:vvos",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows-9x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_nt",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0013",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0013",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0013",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "NVD",
"id": "CVE-2002-0013",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200202-004",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2002-0013",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. \nThe resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. \nIt is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2002-03: Multiple Vulnerabilities in Many\nImplementations of the Simple Network Management Protocol (SNMP)\n\n Original release date: February 12, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history can be found at the end of this file. \n\nSystems Affected\n\n Products from a very wide variety of vendors may be affected. See\n Vendor Information for details from vendors who have provided feedback\n for this advisory. \n\n In addition to the vendors who provided feedback for this advisory, a\n list of vendors whom CERT/CC contacted regarding these problems is\n available from\n http://www.kb.cert.org/vuls/id/854306\n http://www.kb.cert.org/vuls/id/107186 \n\n Many other systems making use of SNMP may also be vulnerable but were\n not specifically tested. \n\n In addition to this advisory, we also have an FAQ available at\n http://www.cert.org/tech_tips/snmp_faq.html\n\nI. \n Version 1 of the protocol (SNMPv1) defines several types of SNMP\n messages that are used to request information or configuration\n changes, respond to requests, enumerate SNMP objects, and send\n unsolicited alerts. The Oulu University Secure Programming Group\n (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous\n vulnerabilities in SNMPv1 implementations from many different vendors. \n More information about SNMP and OUSPG can be found in Appendix C\n\n OUSPG\u0027s research focused on the manner in which SNMPv1 agents and\n managers handle request and trap messages. A trap message\n may indicate a warning or error condition or otherwise notify the\n manager about the agent\u0027s state. Request\n messages might be issued to obtain information from an agent or to\n instruct the agent to configure the host device. \n\n Vulnerabilities in the decoding and subsequent processing of SNMP\n messages by both managers and agents may result in denial-of-service\n conditions, format string vulnerabilities, and buffer overflows. Some\n vulnerabilities do not require the SNMP message to use the correct\n SNMP community string. \n\n These vulnerabilities have been assigned the CVE identifiers\n CAN-2002-0012 and CAN-2002-0013, respectively. \n\nII. \n\nIII. Solution\n\n Note that many of the mitigation steps recommended below may have\n significant impact on your everyday network operations and/or network\n architecture. Ensure that any changes made based on the following\n recommendations will not unacceptably affect your ongoing network\n operations capability. \n\nApply a patch from your vendor\n\n Appendix A contains information provided by vendors for this advisory. \n Please consult this appendix to determine if you need to contact your\n vendor directly. \n\nDisable the SNMP service\n\n As a general rule, the CERT/CC recommends disabling any service or\n capability that is not explicitly required, including SNMP. \n Unfortunately, some of the affected products exhibited unexpected\n behavior or denial of service conditions when exposed to the OUSPG\n test suite even if SNMP was not enabled. In these cases, disabling\n SNMP should be used in conjunction with the filtering practices listed\n below to provide additional protection. \n\nIngress filtering\n\n As a temporary measure, it may be possible to limit the scope of these\n vulnerabilities by blocking access to SNMP services at the network\n perimeter. \n\n Ingress filtering manages the flow of traffic as it enters a network\n under your administrative control. Servers are typically the only\n machines that need to accept inbound traffic from the public Internet. \n In the network usage policy of many sites, there are few reasons for\n external hosts to initiate inbound traffic to machines that provide no\n public services. Thus, ingress filtering should be performed at the\n border to prohibit externally initiated inbound traffic to\n non-authorized services. For SNMP, ingress filtering of the following\n ports can prevent attackers outside of your network from impacting\n vulnerable devices in the local network that are not explicitly\n authorized to provide public SNMP services. \n\n snmp 161/udp # Simple Network Management Protocol (SNMP)\n snmp 162/udp # SNMP system management messages\n\n The following services are less common, but may be used on some\n affected products\n\n snmp 161/tcp # Simple Network Management Protocol\n (SNMP)\n snmp 162/tcp # SNMP system management messages\n smux 199/tcp # SNMP Unix Multiplexer\n smux 199/udp # SNMP Unix Multiplexer\n synoptics-relay 391/tcp # SynOptics SNMP Relay Port\n synoptics-relay 391/udp # SynOptics SNMP Relay Port\n agentx 705/tcp # AgentX\n snmp-tcp-port 1993/tcp # cisco SNMP TCP port\n snmp-tcp-port 1993/udp # cisco SNMP TCP port\n\n As noted above, you should carefully consider the impact of blocking\n services that you may be using. \n\n It is important to note that in many SNMP implementations, the SNMP\n daemon may bind to all IP interfaces on the device. This has important\n consequences when considering appropriate packet filtering measures\n required to protect an SNMP-enabled device. For example, even if a\n device disallows SNMP packets directed to the IP addresses of its\n normal network interfaces, it may still be possible to exploit these\n vulnerabilities on that device through the use of packets directed at\n the following IP addresses:\n * \"all-ones\" broadcast address\n * subnet broadcast address\n * any internal loopback addresses (commonly used in routers for\n management purposes, not to be confused with the IP stack loopback\n address 127.0.0.1)\n\n Careful consideration should be given to addresses of the types\n mentioned above by sites planning for packet filtering as part of\n their mitigation strategy for these vulnerabilities. \n\n Finally, sites may wish to block access to the following RPC services\n related to SNMP (listed as name, program ID, alternate names)\n\n snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys\n snmp-utk\n snmpv2 100138 na.snmpv2 # SNM Version 2.2.2\n snmpXdmid 100249\n\n Please note that this workaround may not protect vulnerable devices\n from internal attacks. \n\nFilter SNMP traffic from non-authorized internal hosts\n\n In many networks, only a limited number of network management systems\n need to originate SNMP request messages. This can reduce, but not wholly eliminate, the\n risk from internal attacks. However, it may have detrimental effects\n on network performance due to the increased load imposed by the\n filtering, so careful consideration is required before implementation. \n Similar caveats to the previous workaround regarding broadcast and\n loopback addresses apply. \n\nChange default community strings\n\n Most SNMP-enabled products ship with default community strings of\n \"public\" for read-only access and \"private\" for read-write access. As\n with any known default access control mechanism, the CERT/CC\n recommends that network administrators change these community strings\n to something of their own choosing. However, even when community\n strings are changed from their defaults, they will still be passed in\n plaintext and are therefore subject to packet sniffing attacks. SNMPv3\n offers additional capabilities to ensure authentication and privacy as\n described in RFC2574. \n\n Because many of the vulnerabilities identified in this advisory occur\n before the community strings are evaluated, it is important to note\n that performing this step alone is not sufficient to mitigate the\n impact of these vulnerabilities. Nonetheless, it should be performed\n as part of good security practice. \n\nSegregate SNMP traffic onto a separate management network\n\n In situations where blocking or disabling SNMP is not possible,\n exposure to these vulnerabilities may be limited by restricting all\n SNMP access to separate, isolated management networks that are not\n publicly accessible. Although this would ideally involve physically\n separate networks, that kind of separation is probably not feasible in\n most environments. Mechanisms such as virtual LANs (VLANs) may be used\n to help segregate traffic on the same physical network. Note that\n VLANs may not strictly prevent an attacker from exploiting these\n vulnerabilities, but they may make it more difficult to initiate the\n attacks. \n\n Another option is for sites to restrict SNMP traffic to separate\n virtual private networks (VPNs), which employ cryptographically strong\n authentication. \n\n Note that these solutions may require extensive changes to a site\u0027s\n network architecture. \n\nEgress filtering\n\n Egress filtering manages the flow of traffic as it leaves a network\n under your administrative control. There is typically limited need for\n machines providing public services to initiate outbound traffic to the\n Internet. In the case of SNMP vulnerabilities, employing egress\n filtering on the ports listed above at your network border can prevent\n your network from being used as a source for attacks on other sites. \n\nDisable stack execution\n\n Disabling executable stacks (on systems where this is configurable)\n can reduce the risk of \"stack smashing\" attacks based on these\n vulnerabilities. Although this does not provide 100 percent protection\n against exploitation of these vulnerabilities, it makes the likelihood\n of a successful exploit much smaller. On many UNIX systems, executable\n stacks can be disabled by adding the following lines to /etc/system:\n\n set noexec_user_stack = 1 set noexec_user_stack_log = 1\n\n Note that this may go against the SPARC and Intel ABIs and can be\n bypassed as required in programs with mprotect(2). For the changes to\n take effect you will then need to reboot. \n\n Other operating systems and architectures also support the disabling\n of executable stacks either through native configuration parameters or\n via third-party software. Consult your vendor(s) for additional\n information. \n\nShare tools and techniques\n\n Because dealing with these vulnerabilities to systems and networks is\n so complex, the CERT/CC will provide a forum where administrators can\n share ideas and techniques that can be used to develop proper\n defenses. We have created an unmoderated mailing list for system and\n network administrators to discuss helpful techniques and tools. \n\n You can subscribe to the mailing list by sending an email message to\n majordomo@cert.org. In the body of the message, type\n\n subscribe snmp-forum\n\n After you receive the confirmation message, follow the instructions in\n the message to complete the subscription process. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. As vendors report new information to the CERT/CC, we will\n update this section and note the changes in our revision history. If a\n particular vendor is not listed below, we have not received their\n comments. \n\nAdventNet\n\n This is in reference to your notification regarding [VU#107186 and\n VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this\n behavior in their products and coded a Service Pack fix which is\n currently in regression testing in AdventNet Inc.\u0027s Q.A. \n organization. The release of AdventNet Inc\u0027s. Service Pack\n correcting the behavior outlined in VU#617947, and OUSPG#0100 is\n scheduled to be generally available to all of AdventNet Inc.\u0027s\n customers by February 20, 2002. \n\nAvaya\n\n Avaya Inc. \n\nCacheFlow\n\n The purpose of this email is to advise you that CacheFlow Inc. has\n provided a software update. Please be advised that updated versions\n of the software are now available for all supported CacheFlow\n hardware platforms, and may be obtained by CacheFlow customers at\n the following URL:\n\n http://download.cacheflow.com/\n\n The specific reference to the software update is contained within the\n Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15\n Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149. \n\n RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm\n\n RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm\n\n * SR 1-1647517, VI 13045: This update modified a potential\n vulnerability by using an SNMP test tools exploit. \n\n3Com Corporation\n\n A vulnerability to an SNMP packet with an invalid length community\n string has been resolved in the following products. Customers\n concerned about this weakness should ensure that they upgrade to\n the following agent versions:\n PS Hub 40\n 2.16 is due Feb 2002\n PS Hub 50\n 2.16 is due Feb 2002\n Dual Speed Hub\n 2.16 is due Jan 2002\n Switch 1100/3300\n 2.68 is available now\n Switch 4400\n 2.02 is available now\n Switch 4900\n 2.04 is available now\n WebCache1000/3000\n 2.00 is due Jan 2002\n\nCaldera\n\n Caldera International, Inc. has reproduced faulty behavior in\n Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX\n 8. We have coded a software fix for supported versions of Caldera\n UnixWare 7 and Caldera Open UNIX 8 that will be available from\n our support site at http://stage.caldera.com/support/security\n immediately following the publication of this CERT announcement. A\n fix for supported versions of OpenServer 5 will be available at a\n later date. \n\nCisco Systems\n\n Cisco Systems is addressing the vulnerabilities identified by\n VU#854306 and VU#107186 across its entire product line. Cisco will\n publish a security advisory with further details at\n http://www.cisco.com/go/psirt/. \n\nCompaq Computer Corporation\n\n x-ref: SSRT0779U SNMP\n At the time of writing this document, COMPAQ continues to evaluate\n this potential problem and when new versions of SNMP are available,\n COMPAQ will implement solutions based on the new code. Compaq will\n provide notice of any new patches as a result of that effort\n through standard patch notification procedures and be available\n from your normal Compaq Services support channel. \n\nComputer Associates\n\n Computer Associates has confirmed Unicenter vulnerability to the\n SNMP advisory identified by CERT notification reference [VU#107186\n \u0026 VU#854306] and OUSPG#0100. We have produced corrective\n maintenance to address these vulnerabilities, which is in the\n process of publication for all applicable releases / platforms and\n will be offered through the CA Support site. Please contact our\n Technical Support organization for information regarding\n availability / applicability for your specific configuration(s). \n\nCOMTEK Services, Inc. \n\n NMServer for AS/400 is not an SNMP master and is therefore not\n vulnerable. However this product requires the use of the AS/400\n SNMP master agent supplied by IBM. \n\n NMServer for OpenVMS has been tested and has shown to be\n vulnerable. COMTEK Services is preparing a new release of this\n product (version 3.5) which will contain a fix for this problem. \n This new release is scheduled to be available in February 2002. \n Contact COMTEK Services for further information. \n\n NMServer for VOS has not as yet been tested; vulnerability of this\n agent is unknown. Contact for further information on the testing\n schedule of the VOS product. \n\nCovalent Technologies\n\n Covalent Technologies ERS (Enterprise Ready Server), Secure Server,\n and Conductor SNMP module are not vulnerable according to testing\n performed in accordance with CERT recommendations. Security\n information for Covalent products can be found at www.covalent.net\n\nDartware, LLC\n\n Dartware, LLC (www.dartware.com) supplies two products that use\n SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present\n and past versions of these two software packages. \n\nDMH Software\n\n DMH Software is in the process of evaluating and attempting to\n reproduce this behavior. \n It is unclear at this point if our snmp-agent is sensitive to the\n tests described above. \n If any problems will be discovered, DMH Software will code a\n software fix. \n The release of DMH Software OS correcting the behavior outlined in\n VU#854306, VU#107186, and OUSPG#0100 will be generally available to\n all of DMH Software\u0027s customers as soon as possible. \n\nEnGarde Secure Linux\n\n EnGarde Secure Linux did not ship any SNMP packages in version\n 1.0.1 of our distribution, so we are not vulnerable to either bug. \n\nFreeBSD\n\n FreeBSD does not include any SNMP software by default, and so is\n not vulnerable. However, the FreeBSD Ports Collection contains the\n UCD-SNMP / NET-SNMP package. Package versions prior to\n ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release\n will ship the corrected version of the UCD-SNMP / NET-SNMP\n package. In addition, the corrected version of the packages is\n available from the FreeBSD mirrors. \n\n FreeBSD has issued the following FreeBSD Security Advisory\n regarding the UCD-SNMP / NET-SNMP package:\n ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. \n snmp.asc. \n\nHewlett-Packard Company\n\n SUMMARY - known vulnerable:\n ========================================\n hp procurve switch 2524\n NNM (Network Node Manager)\n JetDirect Firmware (Older versions only)\n HP-UX Systems running snmpd or OPENVIEW\n MC/ServiceGuard\n EMS\n Still under investigation:\n SNMP/iX (MPE/iX)\n ========================================\n _________________________________________________________\n ---------------------------------------------------------\n hp procurve switch 2524 \n ---------------------------------------------------------\n hp procurve switch 2525 (product J4813A) is vulnerable to some\n issues, patches in process. Watch for the associated HP\n Security Bulletin. \n ---------------------------------------------------------\n NNM (Network Node Manager)\n ---------------------------------------------------------\n Some problems were found in NNM product were related to\n trap handling. Patches in process. Watch for the\n associated HP Security Bulletin. \n ---------------------------------------------------------\n JetDirect Firmware (Older versions only)\n ---------------------------------------------------------\n ONLY some older versions of JetDirect Firmware are\n vulnerable to some of the issues. The older firmware\n can be upgraded in most cases, see list below. \n JetDirect Firmware Version State\n ========================== =====\n X.08.32 and higher NOT Vulnerable\n X.21.00 and higher NOT Vulnerable\n JetDirect Product Numbers that can be freely\n upgraded to X.08.32 or X.21.00 or higher firmware. \n EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)\n J3110A 10T\n J3111A 10T/10B2/LocalTalk\n J3112A Token Ring (discontinued)\n J3113A 10/100 (discontinued)\n J4169A 10/100\n J4167A Token Ring\n MIO (Peripherals LaserJet 4, 4si, 5si, etc...)\n J2550A/B 10T (discontinued)\n J2552A/B 10T/10Base2/LocalTalk (discontinued)\n J2555A/B Token Ring (discontinued)\n J4100A 10/100\n J4105A Token Ring\n J4106A 10T\n External Print Servers\n J2591A EX+ (discontinued)\n J2593A EX+3 10T/10B2 (discontinued)\n J2594A EX+3 Token Ring (discontinued)\n J3263A 300X 10/100\n J3264A 500X Token Ring\n J3265A 500X 10/100\n ----------------------------------------------------------\n HP-UX Systems running snmpd or OPENVIEW\n ----------------------------------------------------------\n The following patches are available now:\n PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch\n PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch\n PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated\n Patch\n All three patches are available from:\n http://support.openview.hp.com/cpe/patches/\n In addition PHSS_26137 and PHSS_26138 will soon be available from:\n http://itrc.hp.com\n ================================================================\n NOTE: The patches are labeled OV(Open View). However, the patches\n are also applicable to systems that are not running Open View. \n =================================================================\n Any HP-UX 10.X or 11.X system running snmpd or snmpdm is\n vulnerable. \n To determine if your HP-UX system has snmpd or snmpdm installed:\n swlist -l file | grep snmpd\n If a patch is not available for your platform or you cannot install\n an available patch, snmpd and snmpdm can be disabled by removing\n their\n entries from /etc/services and removing the execute permissions\n from\n /usr/sbin/snmpd and /usr/sbin/snmpdm. \n ----------------------------------------------------------------\n Investigation completed, systems vulnerable. \n ----------------------------------------------------------------\n MC/ServiceGuard\n Event Monitoring System (EMS)\n ----------------------------------------------------------------\n Still under investigation:\n ----------------------------------------------------------------\n SNMP/iX (MPE/iX)\n\nHirschmann Electronics GmbH \u0026 Co. KG\n\n Hirschmann Electronics GmbH \u0026 Co. KG supplies a broad range of\n networking products, some of which are affected by the SNMP\n vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence\n Center (phone +49-7127-14-1538, email:\n ans-support@nt.hirschmann.de) for additional information,\n especially regarding availability of latest firmware releases\n addressing the SNMP vulnerabilities. \n\nIBM Corporation\n\n Based upon the results of running the test suites we have\n determined that our version of SNMP shipped with AIX is NOT\n vulnerable. \n\nInnerdive Solutions, LLC\n\n Innerdive Solutions, LLC has two SNMP based products:\n 1. The \"SNMP MIB Scout\"\n (http://www.innerdive.com/products/mibscout/)\n 2. The \"Router IP Console\" (http://www.innerdive.com/products/ric/)\n The \"SNMP MIB Scout\" is not vulnerable to either bug. \n The \"Router IP Console\" releases prior to 3.3.0.407 are vulnerable. \n The release of \"Router IP Console\" correcting the behavior outlined\n in OUSPG#0100 is 3.3.0.407 and is already available on our site. \n Also, we will notify all our customers about this new release no\n later than March 5, 2002. \n\nJuniper Networks\n\n This is in reference to your notification regarding CAN-2002-0012\n and CAN-2002-0013. Juniper Networks has reproduced this behavior\n and coded a software fix. The fix will be included in all releases\n of JUNOS Internet software built after January 5, 2002. Customers\n with current support contracts can download new software with the\n fix from Juniper\u0027s web site at www.juniper.net. \n Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can\n only be reproduced in JUNOS Internet software if certain tracing\n options are enabled. These options are generally not enabled in\n production routers. \n\nLantronix, Inc. \n\n Lantronix is committed to resolving security issues with our\n products. The SNMP security bug you reported has been fixed in LRS\n firmware version B1.3/611(020123). \n\nLotus Development Corporation\n\n Lotus Software evaluated the Lotus Domino Server for\n vulnerabilities using the test suite materials provided by OUSPG. \n This problem does not affect default installations of the Domino\n Server. However, SNMP agents can be installed from the CD to\n provide SNMP services for the Domino Server (these are located in\n the /apps/sysmgmt/agents directory). The optional platform\n specific master and encapsulator agents included with the Lotus\n Domino SNMP Agents for HP-UX and Solaris have been found to be\n vulnerable. For those platforms, customers should upgrade to\n version R5.0.1 a of the Lotus Domino SNMP Agents, available for\n download from the Lotus Knowledge Base on the IBM Support Web Site\n (http://www.ibm.com/software/lotus/support/). Please refer to\n Document #191059, \"Lotus Domino SNMP Agents R5.0.1a\", also in the\n Lotus Knowledge Base, for more details. \n\nLOGEC Systems Inc\n\n The products from LOGEC Systems are exposed to SNMP only via HP\n OpenView. We do not have an implementation of SNMP ourselves. As\n such, there is nothing in our products that would be an issue with\n this alert. \n\nLucent\n\n Lucent is aware of reports that there is a vulnerability in certain\n implementations of the SNMP (Simple Network Management Protocol)\n code that is used in data switches and other hardware throughout\n the telecom industry. \n As soon as we were notified by CERT, we began assessing our product\n portfolio and notifying customers with products that might be\n affected. \n Our 5ESS switch and most of our optical portfolio were not\n affected. Our core and edge ATM switches and most of our edge\n access products are affected, but we have developed, tested, and\n deployed fixes for many of those products to our customers. \n We consider the security and reliability of our customers\u0027 networks\n to be one of our critical measures of success. We take every\n reasonable measure to ensure their satisfaction. \n In addition, we are working with customers on ways to further\n enhance the security they have in place today. \n\nMarconi\n\n Marconi supplies a broad range of telecommunications and related\n products, some of which are affected by the SNMP vulnerabilities\n identified here. Those\n Marconi customers with support entitlement may contact the\n appropriate Technical Assistance Center (TAC) for additional\n information. Those not under support entitlement may contact their\n sales representative. \n\nMicrosoft Corporation\n\n The Microsoft Security Reponse [sic] Center has investigated this\n issue, and provides the following information. The SNMP v1 service is not installed or running by\n default on any version of Windows. A patch is underway to eliminate\n the vulnerability. In the meantime, we recommend that affected\n customers disable the SNMP v1 service. \n\n Details:\n An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE. \n It is not installed or running by default on any of these\n platforms. An SNMP v1 is NOT provided for Windows ME. However, it\n is possible that Windows 98 machines which had the service\n installed and were upgraded would still have the service. Since\n SNMP is not supported for WinME, customers in this situation are\n urged to remove the SNMP service. \n An SNMP v1 service is available on Windows NT 4.0 (including\n Terminal Server Edition) and Windows 2000 but is not installed or\n running by default on any of these platforms.Windows XP does not\n ship with an SNMP v1 service. \n\n Remediation:\n A patch is underway for the affected platforms, and will be\n released shortly. In the meantime, Microsoft recommends that\n customers who have the SNMP v1 service running disable it to\n protect their systems. Following are instruction for doing this:\n\n Windows 95, 98 and 98SE:\n 1. In Control Panel, double-click Network. \n 2. On the Configuration tab, select Microsoft SNMP Agent from the\n list of installed components. \n 3. Click Remove\n\n Check the following keys and confirm that snmp.exe is not listed. \n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunSer\n vices\n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n \n For Windows XP:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n \n For Windows NT 4.0 (including Terminal Server Edition):\n 1. Select Start, then Settings. \n 2. Select Control Panel, then click on the Services Icon\n 3. Locate SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close Control Panel\n\n Windows 2000:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n\nMultinet\n\n MultiNet and TCPware customers should contact Process Software to\n check for the availability of patches for this issue. A couple of\n minor problems were found and fixed, but there is no security risk\n related to the SNMP code included with either product. \n\nNetaphor\n\n NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP\n Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,\n two Java based products that may be affected by the SNMP\n vulnerabilities identified here. The manner in which they are\n affected and the actions required (if any) to avoid being impacted\n by exploitation of these vulnerabilities, may be obtained by\n contacting Netaphor via email at info@netaphor.com Customers with\n annual support may contact support@netaphor.com directly. Those not\n under support entitlement may contact Netaphor sales:\n sales@netaphor.com or (949) 470 7955 in USA. \n\nNetBSD\n\n NetBSD does not ship with any SNMP tools in our \u0027base\u0027 releases. We\n do provide optional packages which provide various support for\n SNMP. These packages are not installed by default, nor are they\n currently provided as an install option by the operating system\n installation tools. A system administrator/end-user has to manually\n install this with our package management tools. These SNMP packages\n include:\n + netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for\n netsaint)\n + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)\n + p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP\n library\n + p5-SNMP_Session-0.83 (perl5 module providing rudimentary\n access to remote SNMP agents)\n + ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.1.2)\n + ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.2.1)\n\n We do provide a software monitoring mechanism called\n \u0027audit-packages\u0027, which allows us to highlight if a package with a\n range of versions has a potential vulnerability, and recommends\n that the end-user upgrade the packages in question. \n\nNetscape Communications Corporation\n\n Netscape continues to be committed to maintaining a high level of\n quality in our software and service offerings. Part of this\n commitment includes prompt response to security issues discovered\n by organizations such as the CERT Coordination Center. \n According to a recent CERT/CC advisory, The Oulu University Secure\n Programming Group (OUSPG) has reported numerous vulnerabilities in\n multiple vendor SNMPv1 implementations. \n We have carefully examined the reported findings, performing the\n tests suggested by the OUSPG to determine whether Netscape server\n products were subject to these vulnerabilities. It was determined\n that several products fell into this category. As a result, we have\n created fixes which will resolve the issues, and these fixes will\n appear in future releases of our product line. To Netscape\u0027s\n knowledge, there are no known instances of these vulnerabilities\n being exploited and no customers have been affected to date. \n When such security warnings are issued, Netscape has committed to -\n and will continue to commit to - resolving these issues in a prompt\n and timely fashion, ensuring that our customers receive products of\n the highest quality and security. \n\nNET-SNMP\n\n All ucd-snmp version prior to 4.2.2 are susceptible to this\n vulnerability and users of versions prior to version 4.2.2 are\n encouraged to upgrade their software as soon as possible\n (http://www.net-snmp.org/download/). Version 4.2.2 and higher are\n not susceptible. \n\nNetwork Associates\n\n PGP is not affected, impacted, or otherwise related to this VU#. \n\nNetwork Computing Technologies\n\n Network Computing Technologies has reviewed the information\n regarding SNMP vulnerabilities and is currently investigating the\n impact to our products. \n\nNokia\n\n This vulnerability is known to affect IPSO versions 3.1.3, 3.3,\n 3.3.1, 3.4, and 3.4.1. Patches are currently available for\n versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia\n website. In addition, version 3.4.2 shipped with the patch\n incorporated, and the necessary fix will be included in all future\n releases of IPSO. \n We recommend customers install the patch immediately or follow the\n recommended precautions below to avoid any potential exploit. \n If you are not using SNMP services, including Traps, simply disable\n the SNMP daemon to completely eliminate the potential\n vulnerability. \n If you are using only SNMP Traps and running Check Point\n FireWall-1, create a firewall policy to disallow incoming SNMP\n messages on all appropriate interfaces. Traps will continue to work\n normally. \n\nNortel Networks\n\n The CERT Coordination Center has issued a broad based alert to the\n technology industry, including Nortel Networks, regarding potential\n security vulnerabilities identified in the Simple Network\n Management Protocol (SNMP), a common networking standard. The\n company is working with CERT and other network equipment\n manufacturers, the U.S. Government, service providers, and software\n suppliers to assess and address this issue. \n\nNovell\n\n Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x\n and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on\n NetWare are fixed and will be available through NetWare 6 Support\n Pack 1 \u0026 NetWare 5.1 Support Pack 4. Support packs are available at\n http://support.novell.com/tools/csp/\n\nOpenBSD\n\n OpenBSD does not ship SNMP code. \n\nQualcomm\n\n WorldMail does not support SNMP by default, so customers who run\n unmodified installations are not vulnerable. \n\nRedback Networks, Inc. \n\n Redback Networks, Inc. has identified that the vulnerability in\n question affects certain versions of AOS software on the SMS 500,\n SMS 1800, and SMS 10000 platforms, and is taking the appropriate\n steps necessary to correct the issue. \n\nRed Hat\n\n RedHat has released a security advisiory [sic] at\n http://www.redhat.com/support/errata/RHSA-2001-163.html\n with updated versions of the ucd-snmp package for all supported\n releases and architectures. For more information or to download the\n update please visit this page. \n\nSGI\n\n SGI acknowledges the SNMP vulnerabilities reported by CERT and is\n currently investigating. \n For the protection of all our customers, SGI does not disclose,\n discuss or confirm vulnerabilities until a full investigation has\n occurred and any necessary patch(es) or release streams are\n available for all vulnerable and supported IRIX operating systems. \n Until SGI has more definitive information to provide, customers are\n encouraged to assume all security vulnerabilities as exploitable\n and take appropriate steps according to local site security\n policies and requirements. As further information becomes\n available, additional advisories will be issued via the normal SGI\n security information distribution methods including the wiretap\n mailing list on http://www.sgi.com/support/security/. \n\nSNMP Research International\n\n SNMP Research has made the following vendor statement. They are\n likely to revise and expand the statement as the date for the\n public vulnerability announcement draws nearer. Users maintaining\n earlier releases should update to the current release if they have\n not already done so. Other Stonesoft\u0027s products are\n still under investigation. \n\n Sun\u0027s SNMP product, Solstice Enterprise Agents (SEA), described\n here:\n http://www.sun.com/solstice/products/ent.agents/\n is affected by VU#854306 but not VU#107186. More specifically the\n main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. \n Sun is currently generating patches for this issue and will be\n releasing a Sun Security Bulletin once the patches are available. \n The bulletin will be available from:\n http://sunsolve.sun.com/security. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch. \n\nSymantec Corporation\n\n Symantec Corporation has investigated the SNMP issues identified by\n the OUSPG test suite and determined that Symantec products are not\n susceptable [sic] to these issues. \n\nTANDBERG\n\n Tandberg have run all the testcases found the PROTOS test-suie\n [sic], c06snmpv1:\n 1. c06-snmpv1-trap-enc-pr1.jar\n 2. c06-snmpv1-treq-app-pr1.jar\n 3. c06-snmpv1-trap-enc-pr1.jar\n 4. c06-snmpv1-req-app-pr1.jar\n The tests were run with standard delay time between the requests\n (100ms), but also with a delay of 1ms. The tests applies to all\n TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The\n software tested on these products were B4.0 (our latest software)\n and no problems were found when running the test suite. \n\nAppendix B. - References\n 1. http://www.ee.oulu.fi/research/ouspg/protos/\n 2. http://www.kb.cert.org/vuls/id/854306\n 3. http://www.kb.cert.org/vuls/id/107186\n 4. http://www.cert.org/tech_tips/denial_of_service.html\n 5. http://www.ietf.org/rfc/rfc1067.txt\n 6. http://www.ietf.org/rfc/rfc1089.txt\n 7. http://www.ietf.org/rfc/rfc1140.txt\n 8. http://www.ietf.org/rfc/rfc1155.txt\n 9. http://www.ietf.org/rfc/rfc1156.txt\n 10. http://www.ietf.org/rfc/rfc1215.txt\n 11. http://www.ietf.org/rfc/rfc1270.txt\n 12. http://www.ietf.org/rfc/rfc1352.txt\n\nAppendix C. - Background Information\n\n Background Information on the OUSPG\n\n OUSPG is an academic research group located at Oulu University in\n Finland. The purpose of this research group is to test software\n for vulnerabilities. \n History has shown that the techniques used by the OUSPG have\n discovered a large number of previously undetected problems in the\n products and protocols they have tested. In 2001, the OUSPG\n produced a comprehensive test suite for evaluating implementations\n of the Lightweight Directory Access Protocol (LDAP). This test\n suite was developed with the strategy of abusing the protocol in\n unsupported and unexpected ways, and it was very effective in\n uncovering a wide variety of vulnerabilities across several\n products. This approach can reveal vulnerabilities that would not\n manifest themselves under normal conditions. \n After completing its work on LDAP, OUSPG moved its focus to\n SNMPv1. As with LDAP, they designed a custom test suite, began\n testing a selection of products, and found a number of\n vulnerabilities. Because OUSPG\u0027s work on LDAP was similar in\n procedure to its current work on SNMP, you may wish to review the\n LDAP Test Suite and CERT Advisory CA-2001-18, which outlined\n results of application of the test suite. \n In order to test the security of protocols like SNMPv1, the PROTOS\n project presents a server with a wide variety of sample packets\n containing unexpected values or illegally formatted data. As a\n member of the PROTOS project consortium, the OUSPG used the PROTOS\n c06-snmpv1 test suite to study several implementations of the\n SNMPv1 protocol. Software and\n firmware products designed for networks often make use of the SNMP\n protocol. SNMP runs on a multitude of devices and operating\n systems, including, but not limited to,\n + Core Network Devices (Routers, Switches, Hubs, Bridges, and\n Wireless Network Access Points)\n + Operating Systems\n + Consumer Broadband Network Devices (Cable Modems and DSL\n Modems)\n + Consumer Electronic Devices (Cameras and Image Scanners)\n + Networked Office Equipment (Printers, Copiers, and FAX\n Machines)\n + Network and Systems Management/Diagnostic Frameworks (Network\n Sniffers and Network Analyzers)\n + Uninterruptible Power Supplies (UPS)\n + Networked Medical Equipment (Imaging Units and Oscilloscopes)\n + Manufacturing and Processing Equipment\n The SNMP protocol is formally defined in RFC1157. Quoting from\n that RFC:\n\n Implicit in the SNMP architectural model is a collection\n of network management stations and network elements. \n Network management stations execute management\n applications which monitor and control network elements. \n Network elements are devices such as hosts, gateways,\n terminal servers, and the like, which have management\n agents responsible for performing the network management\n functions requested by the network management stations. \n\n Additionally, SNMP is discussed in a number of other RFC\n documents:\n + RFC 3000 Internet Official Protocol Standards\n + RFC 1212 Concise MIB Definitions\n + RFC 1213 Management Information Base for Network Management\n of TCP/IP-based Internets: MIB-II\n + RFC 1215 A Convention for Defining Traps for use with the\n SNMP\n + RFC 1270 SNMP Communications Services\n + RFC 2570 Introduction to Version 3 of the Internet-standard\n Network Management Framework\n + RFC 2571 An Architecture for Describing SNMP Management\n Frameworks\n + RFC 2572 Message Processing and Dispatching for the Simple\n Network Management Protocol (SNMP)\n + RFC 2573 SNMP Applications\n + RFC 2574 User-based Security Model (USM) for version 3 of the\n Simple Network Management Protocol (SNMPv3)\n + RFC 2575 View-based Access Control Model (VACM) for the\n Simple Network Management Protocol (SNMP)\n + RFC 2576 Coexistence between Version 1, Version 2, and\n Version 3 of the Internet-standard Network Management\n Framework\n _____________________________________________________________\n\n The CERT Coordination Center thanks the Oulu University Secure\n Programming Group for reporting these vulnerabilities to us, for\n providing detailed technical analyses, and for assisting us in\n preparing this advisory. We also thank Steven M. Bellovin (AT\u0026T\n Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP\n Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),\n Rob Thomas, Blue Boar (Thievco), and the many others who\n contributed to this document. \n _____________________________________________________________\n\n Feedback on this document can be directed to the authors, Ian A. \n Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. \n Householder, Marty Lindner, and Art Manion. \n __________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-03.html\n __________________________________________________________________\n\n CERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n \n Using encryption\n We strongly urge you to encrypt sensitive information sent by\n email. Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n If you prefer to use DES, please call the CERT hotline for more\n information. \n \n Getting security information\n CERT publications and other security information are available\n from our web site\n http://www.cert.org/\n To subscribe to the CERT mailing list for advisories and\n bulletins, send email to majordomo@cert.org. Please include in the\n body of your message\n \n subscribe cert-advisory\n \n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n __________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the\n Software Engineering Institute is furnished on an \"as is\" basis. \n Carnegie Mellon University makes no warranties of any kind, either\n expressed or implied as to any matter including, but not limited\n to, warranty of fitness for a particular purpose or\n merchantability, exclusivity or results obtained from use of the\n material. Carnegie Mellon University does not make any warranty of\n any kind with respect to freedom from patent, trademark, or\n copyright infringement. \n _____________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n Copyright 2002 Carnegie Mellon University. \n\nRevision History\n\n February 12, 2002: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU\nR1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl\nQUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr\nuZiMJ5f2SEo=\n=h42e\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "PACKETSTORM",
"id": "25758"
}
],
"trust": 4.59
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=21296",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2002-0013"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2002-0013",
"trust": 3.4
},
{
"db": "BID",
"id": "4132",
"trust": 1.9
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "BID",
"id": "4089",
"trust": 1.9
},
{
"db": "BID",
"id": "4088",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 1.5
},
{
"db": "XF",
"id": "8176",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034",
"trust": 0.8
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:87",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:298",
"trust": 0.6
},
{
"db": "ISS",
"id": "20020212 PROTOS REMOTE SNMP ATTACK TOOL",
"trust": 0.6
},
{
"db": "MS",
"id": "MS02-006",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2001:163",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57404",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2002-03",
"trust": 0.6
},
{
"db": "SGI",
"id": "20020201-01-A",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004",
"trust": 0.6
},
{
"db": "BID",
"id": "89608",
"trust": 0.3
},
{
"db": "BID",
"id": "89661",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "21296",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2002-0013",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "25758",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"id": "VAR-200202-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42828385666666663
},
"last_update_date": "2025-04-03T22:25:21.031000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00184",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00964944"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2001-163.html"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/Bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2001-163J.html"
},
{
"title": "Cisco: Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020211-snmp-msgs-non-ios"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 3.3,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 2.3,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 1.7,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.7,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/alerts/advise110.php"
},
{
"trust": 1.7,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57404-1"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
},
{
"trust": 1.2,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a87"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-03"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0013"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8176"
},
{
"trust": 0.7,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:87"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:298"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f43365"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f46343"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/21296/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20020211-snmp-msgs-non-ios"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1352.txt"
},
{
"trust": 0.1,
"url": "http://www.cert.org/tech_tips/snmp_faq.html"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.1.02/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/ric/)"
},
{
"trust": 0.1,
"url": "https://www.juniper.net."
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt/."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1067.txt"
},
{
"trust": 0.1,
"url": "https://www.dartware.com)"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1140.txt"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://www.sun.com/solstice/products/ent.agents/"
},
{
"trust": 0.1,
"url": "http://stage.caldera.com/support/security"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/)"
},
{
"trust": 0.1,
"url": "http://www.net-snmp.org/download/)."
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.ibm.com/software/lotus/support/)."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/sa/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1156.txt"
},
{
"trust": 0.1,
"url": "http://support.novell.com/tools/csp/"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/cpe/patches/"
},
{
"trust": 0.1,
"url": "https://www.covalent.net"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/mibscout/)"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/security."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1155.txt"
},
{
"trust": 0.1,
"url": "http://www.stonesoft.com/support/techcenter/"
},
{
"trust": 0.1,
"url": "http://www.sgi.com/support/security/."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1089.txt"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/3.1.22/relnotes.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"date": "2002-02-12T22:54:19",
"db": "PACKETSTORM",
"id": "25758"
},
{
"date": "2002-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"date": "2002-02-13T05:00:00",
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2018-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-004"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 1.5
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
}
}
VAR-200205-0149
Vulnerability from variot - Updated: 2025-04-03 22:25Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. The resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. SNMP requests are messages sent from manager to agent systems. They typically poll the agent for current performance or configuration information, ask for the next SNMP object in a Management Information Base (MIB), or modify the configuration settings of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. It is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
Original release date: February 12, 2002 Last revised: -- Source: CERT/CC
A complete revision history can be found at the end of this file.
Systems Affected
Products from a very wide variety of vendors may be affected. See Vendor Information for details from vendors who have provided feedback for this advisory.
In addition to the vendors who provided feedback for this advisory, a list of vendors whom CERT/CC contacted regarding these problems is available from http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186
Many other systems making use of SNMP may also be vulnerable but were not specifically tested.
In addition to this advisory, we also have an FAQ available at http://www.cert.org/tech_tips/snmp_faq.html
I. Description
The Simple Network Management Protocol (SNMP) is a widely deployed protocol that is commonly used to monitor and manage network devices. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts. The Oulu University Secure Programming Group (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous vulnerabilities in SNMPv1 implementations from many different vendors. More information about SNMP and OUSPG can be found in Appendix C
OUSPG's research focused on the manner in which SNMPv1 agents and managers handle request and trap messages. A trap message may indicate a warning or error condition or otherwise notify the manager about the agent's state. Request messages might be issued to obtain information from an agent or to instruct the agent to configure the host device.
Vulnerabilities in the decoding and subsequent processing of SNMP messages by both managers and agents may result in denial-of-service conditions, format string vulnerabilities, and buffer overflows. Some vulnerabilities do not require the SNMP message to use the correct SNMP community string.
These vulnerabilities have been assigned the CVE identifiers CAN-2002-0012 and CAN-2002-0013, respectively.
II.
III. Solution
Note that many of the mitigation steps recommended below may have significant impact on your everyday network operations and/or network architecture. Ensure that any changes made based on the following recommendations will not unacceptably affect your ongoing network operations capability.
Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. Please consult this appendix to determine if you need to contact your vendor directly.
Disable the SNMP service
As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP. Unfortunately, some of the affected products exhibited unexpected behavior or denial of service conditions when exposed to the OUSPG test suite even if SNMP was not enabled. In these cases, disabling SNMP should be used in conjunction with the filtering practices listed below to provide additional protection.
Ingress filtering
As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SNMP services at the network perimeter.
Ingress filtering manages the flow of traffic as it enters a network under your administrative control. Servers are typically the only machines that need to accept inbound traffic from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound traffic to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound traffic to non-authorized services. For SNMP, ingress filtering of the following ports can prevent attackers outside of your network from impacting vulnerable devices in the local network that are not explicitly authorized to provide public SNMP services.
snmp 161/udp # Simple Network Management Protocol (SNMP) snmp 162/udp # SNMP system management messages
The following services are less common, but may be used on some affected products
snmp 161/tcp # Simple Network Management Protocol (SNMP) snmp 162/tcp # SNMP system management messages smux 199/tcp # SNMP Unix Multiplexer smux 199/udp # SNMP Unix Multiplexer synoptics-relay 391/tcp # SynOptics SNMP Relay Port synoptics-relay 391/udp # SynOptics SNMP Relay Port agentx 705/tcp # AgentX snmp-tcp-port 1993/tcp # cisco SNMP TCP port snmp-tcp-port 1993/udp # cisco SNMP TCP port
As noted above, you should carefully consider the impact of blocking services that you may be using.
It is important to note that in many SNMP implementations, the SNMP daemon may bind to all IP interfaces on the device. This has important consequences when considering appropriate packet filtering measures required to protect an SNMP-enabled device. For example, even if a device disallows SNMP packets directed to the IP addresses of its normal network interfaces, it may still be possible to exploit these vulnerabilities on that device through the use of packets directed at the following IP addresses: * "all-ones" broadcast address * subnet broadcast address * any internal loopback addresses (commonly used in routers for management purposes, not to be confused with the IP stack loopback address 127.0.0.1)
Careful consideration should be given to addresses of the types mentioned above by sites planning for packet filtering as part of their mitigation strategy for these vulnerabilities.
Finally, sites may wish to block access to the following RPC services related to SNMP (listed as name, program ID, alternate names)
snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 snmpXdmid 100249
Please note that this workaround may not protect vulnerable devices from internal attacks.
Filter SNMP traffic from non-authorized internal hosts
In many networks, only a limited number of network management systems need to originate SNMP request messages. This can reduce, but not wholly eliminate, the risk from internal attacks. However, it may have detrimental effects on network performance due to the increased load imposed by the filtering, so careful consideration is required before implementation. Similar caveats to the previous workaround regarding broadcast and loopback addresses apply.
Change default community strings
Most SNMP-enabled products ship with default community strings of "public" for read-only access and "private" for read-write access. As with any known default access control mechanism, the CERT/CC recommends that network administrators change these community strings to something of their own choosing. However, even when community strings are changed from their defaults, they will still be passed in plaintext and are therefore subject to packet sniffing attacks. SNMPv3 offers additional capabilities to ensure authentication and privacy as described in RFC2574.
Because many of the vulnerabilities identified in this advisory occur before the community strings are evaluated, it is important to note that performing this step alone is not sufficient to mitigate the impact of these vulnerabilities. Nonetheless, it should be performed as part of good security practice.
Segregate SNMP traffic onto a separate management network
In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible. Although this would ideally involve physically separate networks, that kind of separation is probably not feasible in most environments. Mechanisms such as virtual LANs (VLANs) may be used to help segregate traffic on the same physical network. Note that VLANs may not strictly prevent an attacker from exploiting these vulnerabilities, but they may make it more difficult to initiate the attacks.
Another option is for sites to restrict SNMP traffic to separate virtual private networks (VPNs), which employ cryptographically strong authentication.
Note that these solutions may require extensive changes to a site's network architecture.
Egress filtering
Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound traffic to the Internet. In the case of SNMP vulnerabilities, employing egress filtering on the ports listed above at your network border can prevent your network from being used as a source for attacks on other sites.
Disable stack execution
Disabling executable stacks (on systems where this is configurable) can reduce the risk of "stack smashing" attacks based on these vulnerabilities. Although this does not provide 100 percent protection against exploitation of these vulnerabilities, it makes the likelihood of a successful exploit much smaller. On many UNIX systems, executable stacks can be disabled by adding the following lines to /etc/system:
set noexec_user_stack = 1 set noexec_user_stack_log = 1
Note that this may go against the SPARC and Intel ABIs and can be bypassed as required in programs with mprotect(2). For the changes to take effect you will then need to reboot.
Other operating systems and architectures also support the disabling of executable stacks either through native configuration parameters or via third-party software. Consult your vendor(s) for additional information.
Share tools and techniques
Because dealing with these vulnerabilities to systems and networks is so complex, the CERT/CC will provide a forum where administrators can share ideas and techniques that can be used to develop proper defenses. We have created an unmoderated mailing list for system and network administrators to discuss helpful techniques and tools.
You can subscribe to the mailing list by sending an email message to majordomo@cert.org. In the body of the message, type
subscribe snmp-forum
After you receive the confirmation message, follow the instructions in the message to complete the subscription process.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.
AdventNet
This is in reference to your notification regarding [VU#107186 and
VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this
behavior in their products and coded a Service Pack fix which is
currently in regression testing in AdventNet Inc.'s Q.A.
organization. The release of AdventNet Inc's. Service Pack
correcting the behavior outlined in VU#617947, and OUSPG#0100 is
scheduled to be generally available to all of AdventNet Inc.'s
customers by February 20, 2002.
Avaya
Avaya Inc. No further information is available at this time.
CacheFlow
The purpose of this email is to advise you that CacheFlow Inc. has
provided a software update. Please be advised that updated versions
of the software are now available for all supported CacheFlow
hardware platforms, and may be obtained by CacheFlow customers at
the following URL:
http://download.cacheflow.com/
The specific reference to the software update is contained within the Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15 Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149.
RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm
RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm
* SR 1-1647517, VI 13045: This update modified a potential
vulnerability by using an SNMP test tools exploit.
3Com Corporation
A vulnerability to an SNMP packet with an invalid length community
string has been resolved in the following products. Customers
concerned about this weakness should ensure that they upgrade to
the following agent versions:
PS Hub 40
2.16 is due Feb 2002
PS Hub 50
2.16 is due Feb 2002
Dual Speed Hub
2.16 is due Jan 2002
Switch 1100/3300
2.68 is available now
Switch 4400
2.02 is available now
Switch 4900
2.04 is available now
WebCache1000/3000
2.00 is due Jan 2002
Caldera
Caldera International, Inc. has reproduced faulty behavior in
Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX
8. We have coded a software fix for supported versions of Caldera
UnixWare 7 and Caldera Open UNIX 8 that will be available from
our support site at http://stage.caldera.com/support/security
immediately following the publication of this CERT announcement. A
fix for supported versions of OpenServer 5 will be available at a
later date.
Cisco Systems
Cisco Systems is addressing the vulnerabilities identified by
VU#854306 and VU#107186 across its entire product line. Cisco will
publish a security advisory with further details at
http://www.cisco.com/go/psirt/.
Compaq Computer Corporation
x-ref: SSRT0779U SNMP
At the time of writing this document, COMPAQ continues to evaluate
this potential problem and when new versions of SNMP are available,
COMPAQ will implement solutions based on the new code. Compaq will
provide notice of any new patches as a result of that effort
through standard patch notification procedures and be available
from your normal Compaq Services support channel.
Computer Associates
Computer Associates has confirmed Unicenter vulnerability to the
SNMP advisory identified by CERT notification reference [VU#107186
& VU#854306] and OUSPG#0100. We have produced corrective
maintenance to address these vulnerabilities, which is in the
process of publication for all applicable releases / platforms and
will be offered through the CA Support site. Please contact our
Technical Support organization for information regarding
availability / applicability for your specific configuration(s).
COMTEK Services, Inc.
NMServer for AS/400 is not an SNMP master and is therefore not
vulnerable. However this product requires the use of the AS/400
SNMP master agent supplied by IBM.
NMServer for OpenVMS has been tested and has shown to be
vulnerable. COMTEK Services is preparing a new release of this
product (version 3.5) which will contain a fix for this problem.
This new release is scheduled to be available in February 2002.
Contact COMTEK Services for further information.
NMServer for VOS has not as yet been tested; vulnerability of this
agent is unknown. Contact for further information on the testing
schedule of the VOS product.
Covalent Technologies
Covalent Technologies ERS (Enterprise Ready Server), Secure Server,
and Conductor SNMP module are not vulnerable according to testing
performed in accordance with CERT recommendations. Security
information for Covalent products can be found at www.covalent.net
Dartware, LLC
Dartware, LLC (www.dartware.com) supplies two products that use
SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present
and past versions of these two software packages.
DMH Software
DMH Software is in the process of evaluating and attempting to
reproduce this behavior.
It is unclear at this point if our snmp-agent is sensitive to the
tests described above.
If any problems will be discovered, DMH Software will code a
software fix.
The release of DMH Software OS correcting the behavior outlined in
VU#854306, VU#107186, and OUSPG#0100 will be generally available to
all of DMH Software's customers as soon as possible.
EnGarde Secure Linux
EnGarde Secure Linux did not ship any SNMP packages in version
1.0.1 of our distribution, so we are not vulnerable to either bug.
FreeBSD
FreeBSD does not include any SNMP software by default, and so is
not vulnerable. However, the FreeBSD Ports Collection contains the
UCD-SNMP / NET-SNMP package. Package versions prior to
ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release
will ship the corrected version of the UCD-SNMP / NET-SNMP
package. In addition, the corrected version of the packages is
available from the FreeBSD mirrors.
FreeBSD has issued the following FreeBSD Security Advisory
regarding the UCD-SNMP / NET-SNMP package:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.
snmp.asc.
Hewlett-Packard Company
SUMMARY - known vulnerable:
========================================
hp procurve switch 2524
NNM (Network Node Manager)
JetDirect Firmware (Older versions only)
HP-UX Systems running snmpd or OPENVIEW
MC/ServiceGuard
EMS
Still under investigation:
SNMP/iX (MPE/iX)
========================================
_________________________________________________________
---------------------------------------------------------
hp procurve switch 2524
---------------------------------------------------------
hp procurve switch 2525 (product J4813A) is vulnerable to some
issues, patches in process. Watch for the associated HP
Security Bulletin.
---------------------------------------------------------
NNM (Network Node Manager)
---------------------------------------------------------
Some problems were found in NNM product were related to
trap handling. Patches in process. Watch for the
associated HP Security Bulletin.
---------------------------------------------------------
JetDirect Firmware (Older versions only)
---------------------------------------------------------
ONLY some older versions of JetDirect Firmware are
vulnerable to some of the issues. The older firmware
can be upgraded in most cases, see list below.
JetDirect Firmware Version State
========================== =====
X.08.32 and higher NOT Vulnerable
X.21.00 and higher NOT Vulnerable
JetDirect Product Numbers that can be freely
upgraded to X.08.32 or X.21.00 or higher firmware.
EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)
J3110A 10T
J3111A 10T/10B2/LocalTalk
J3112A Token Ring (discontinued)
J3113A 10/100 (discontinued)
J4169A 10/100
J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
J2550A/B 10T (discontinued)
J2552A/B 10T/10Base2/LocalTalk (discontinued)
J2555A/B Token Ring (discontinued)
J4100A 10/100
J4105A Token Ring
J4106A 10T
External Print Servers
J2591A EX+ (discontinued)
J2593A EX+3 10T/10B2 (discontinued)
J2594A EX+3 Token Ring (discontinued)
J3263A 300X 10/100
J3264A 500X Token Ring
J3265A 500X 10/100
----------------------------------------------------------
HP-UX Systems running snmpd or OPENVIEW
----------------------------------------------------------
The following patches are available now:
PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch
PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated
Patch
All three patches are available from:
http://support.openview.hp.com/cpe/patches/
In addition PHSS_26137 and PHSS_26138 will soon be available from:
http://itrc.hp.com
================================================================
NOTE: The patches are labeled OV(Open View). However, the patches
are also applicable to systems that are not running Open View.
=================================================================
Any HP-UX 10.X or 11.X system running snmpd or snmpdm is
vulnerable.
To determine if your HP-UX system has snmpd or snmpdm installed:
swlist -l file | grep snmpd
If a patch is not available for your platform or you cannot install
an available patch, snmpd and snmpdm can be disabled by removing
their
entries from /etc/services and removing the execute permissions
from
/usr/sbin/snmpd and /usr/sbin/snmpdm.
----------------------------------------------------------------
Investigation completed, systems vulnerable.
----------------------------------------------------------------
MC/ServiceGuard
Event Monitoring System (EMS)
----------------------------------------------------------------
Still under investigation:
----------------------------------------------------------------
SNMP/iX (MPE/iX)
Hirschmann Electronics GmbH & Co. KG
Hirschmann Electronics GmbH & Co. KG supplies a broad range of
networking products, some of which are affected by the SNMP
vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence
Center (phone +49-7127-14-1538, email:
ans-support@nt.hirschmann.de) for additional information,
especially regarding availability of latest firmware releases
addressing the SNMP vulnerabilities.
IBM Corporation
Based upon the results of running the test suites we have
determined that our version of SNMP shipped with AIX is NOT
vulnerable.
Innerdive Solutions, LLC
Innerdive Solutions, LLC has two SNMP based products:
1. The "SNMP MIB Scout"
(http://www.innerdive.com/products/mibscout/)
2. The "Router IP Console" (http://www.innerdive.com/products/ric/)
The "SNMP MIB Scout" is not vulnerable to either bug.
The "Router IP Console" releases prior to 3.3.0.407 are vulnerable.
The release of "Router IP Console" correcting the behavior outlined
in OUSPG#0100 is 3.3.0.407 and is already available on our site.
Also, we will notify all our customers about this new release no
later than March 5, 2002.
Juniper Networks
This is in reference to your notification regarding CAN-2002-0012
and CAN-2002-0013. Juniper Networks has reproduced this behavior
and coded a software fix. The fix will be included in all releases
of JUNOS Internet software built after January 5, 2002. Customers
with current support contracts can download new software with the
fix from Juniper's web site at www.juniper.net.
Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can
only be reproduced in JUNOS Internet software if certain tracing
options are enabled. These options are generally not enabled in
production routers.
Lantronix, Inc.
Lantronix is committed to resolving security issues with our
products. The SNMP security bug you reported has been fixed in LRS
firmware version B1.3/611(020123).
Lotus Development Corporation
Lotus Software evaluated the Lotus Domino Server for
vulnerabilities using the test suite materials provided by OUSPG.
This problem does not affect default installations of the Domino
Server. However, SNMP agents can be installed from the CD to
provide SNMP services for the Domino Server (these are located in
the /apps/sysmgmt/agents directory). The optional platform
specific master and encapsulator agents included with the Lotus
Domino SNMP Agents for HP-UX and Solaris have been found to be
vulnerable. For those platforms, customers should upgrade to
version R5.0.1 a of the Lotus Domino SNMP Agents, available for
download from the Lotus Knowledge Base on the IBM Support Web Site
(http://www.ibm.com/software/lotus/support/). Please refer to
Document #191059, "Lotus Domino SNMP Agents R5.0.1a", also in the
Lotus Knowledge Base, for more details.
LOGEC Systems Inc
The products from LOGEC Systems are exposed to SNMP only via HP
OpenView. We do not have an implementation of SNMP ourselves. As
such, there is nothing in our products that would be an issue with
this alert.
Lucent
Lucent is aware of reports that there is a vulnerability in certain
implementations of the SNMP (Simple Network Management Protocol)
code that is used in data switches and other hardware throughout
the telecom industry.
As soon as we were notified by CERT, we began assessing our product
portfolio and notifying customers with products that might be
affected.
Our 5ESS switch and most of our optical portfolio were not
affected. Our core and edge ATM switches and most of our edge
access products are affected, but we have developed, tested, and
deployed fixes for many of those products to our customers.
We consider the security and reliability of our customers' networks
to be one of our critical measures of success. We take every
reasonable measure to ensure their satisfaction.
In addition, we are working with customers on ways to further
enhance the security they have in place today.
Marconi
Marconi supplies a broad range of telecommunications and related
products, some of which are affected by the SNMP vulnerabilities
identified here. Those
Marconi customers with support entitlement may contact the
appropriate Technical Assistance Center (TAC) for additional
information. Those not under support entitlement may contact their
sales representative.
Microsoft Corporation
The Microsoft Security Reponse [sic] Center has investigated this
issue, and provides the following information. The SNMP v1 service is not installed or running by
default on any version of Windows. A patch is underway to eliminate
the vulnerability. In the meantime, we recommend that affected
customers disable the SNMP v1 service.
Details:
An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE.
It is not installed or running by default on any of these
platforms. An SNMP v1 is NOT provided for Windows ME. However, it
is possible that Windows 98 machines which had the service
installed and were upgraded would still have the service. Since
SNMP is not supported for WinME, customers in this situation are
urged to remove the SNMP service.
An SNMP v1 service is available on Windows NT 4.0 (including
Terminal Server Edition) and Windows 2000 but is not installed or
running by default on any of these platforms.Windows XP does not
ship with an SNMP v1 service.
Remediation:
A patch is underway for the affected platforms, and will be
released shortly. In the meantime, Microsoft recommends that
customers who have the SNMP v1 service running disable it to
protect their systems. Following are instruction for doing this:
Windows 95, 98 and 98SE:
1. In Control Panel, double-click Network.
2. On the Configuration tab, select Microsoft SNMP Agent from the
list of installed components.
3. Click Remove
Check the following keys and confirm that snmp.exe is not listed.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer
vices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
For Windows XP:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
For Windows NT 4.0 (including Terminal Server Edition):
1. Select Start, then Settings.
2. Select Control Panel, then click on the Services Icon
3. Locate SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close Control Panel
Windows 2000:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
Multinet
MultiNet and TCPware customers should contact Process Software to
check for the availability of patches for this issue. A couple of
minor problems were found and fixed, but there is no security risk
related to the SNMP code included with either product.
Netaphor
NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP
Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,
two Java based products that may be affected by the SNMP
vulnerabilities identified here. The manner in which they are
affected and the actions required (if any) to avoid being impacted
by exploitation of these vulnerabilities, may be obtained by
contacting Netaphor via email at info@netaphor.com Customers with
annual support may contact support@netaphor.com directly. Those not
under support entitlement may contact Netaphor sales:
sales@netaphor.com or (949) 470 7955 in USA.
NetBSD
NetBSD does not ship with any SNMP tools in our 'base' releases. We
do provide optional packages which provide various support for
SNMP. These packages are not installed by default, nor are they
currently provided as an install option by the operating system
installation tools. A system administrator/end-user has to manually
install this with our package management tools. These SNMP packages
include:
+ netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for
netsaint)
+ p5-Net-SNMP-3.60 (perl5 module for SNMP queries)
+ p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP
library
+ p5-SNMP_Session-0.83 (perl5 module providing rudimentary
access to remote SNMP agents)
+ ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.1.2)
+ ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.2.1)
We do provide a software monitoring mechanism called
'audit-packages', which allows us to highlight if a package with a
range of versions has a potential vulnerability, and recommends
that the end-user upgrade the packages in question.
Netscape Communications Corporation
Netscape continues to be committed to maintaining a high level of
quality in our software and service offerings. Part of this
commitment includes prompt response to security issues discovered
by organizations such as the CERT Coordination Center.
According to a recent CERT/CC advisory, The Oulu University Secure
Programming Group (OUSPG) has reported numerous vulnerabilities in
multiple vendor SNMPv1 implementations.
We have carefully examined the reported findings, performing the
tests suggested by the OUSPG to determine whether Netscape server
products were subject to these vulnerabilities. It was determined
that several products fell into this category. As a result, we have
created fixes which will resolve the issues, and these fixes will
appear in future releases of our product line. To Netscape's
knowledge, there are no known instances of these vulnerabilities
being exploited and no customers have been affected to date.
When such security warnings are issued, Netscape has committed to -
and will continue to commit to - resolving these issues in a prompt
and timely fashion, ensuring that our customers receive products of
the highest quality and security.
NET-SNMP
All ucd-snmp version prior to 4.2.2 are susceptible to this
vulnerability and users of versions prior to version 4.2.2 are
encouraged to upgrade their software as soon as possible
(http://www.net-snmp.org/download/). Version 4.2.2 and higher are
not susceptible.
Network Associates
PGP is not affected, impacted, or otherwise related to this VU#.
Network Computing Technologies
Network Computing Technologies has reviewed the information
regarding SNMP vulnerabilities and is currently investigating the
impact to our products.
Nokia
This vulnerability is known to affect IPSO versions 3.1.3, 3.3,
3.3.1, 3.4, and 3.4.1. Patches are currently available for
versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia
website. In addition, version 3.4.2 shipped with the patch
incorporated, and the necessary fix will be included in all future
releases of IPSO.
We recommend customers install the patch immediately or follow the
recommended precautions below to avoid any potential exploit.
If you are not using SNMP services, including Traps, simply disable
the SNMP daemon to completely eliminate the potential
vulnerability.
If you are using only SNMP Traps and running Check Point
FireWall-1, create a firewall policy to disallow incoming SNMP
messages on all appropriate interfaces. Traps will continue to work
normally.
Nortel Networks
The CERT Coordination Center has issued a broad based alert to the
technology industry, including Nortel Networks, regarding potential
security vulnerabilities identified in the Simple Network
Management Protocol (SNMP), a common networking standard. The
company is working with CERT and other network equipment
manufacturers, the U.S. Government, service providers, and software
suppliers to assess and address this issue.
Novell
Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x
and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on
NetWare are fixed and will be available through NetWare 6 Support
Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available at
http://support.novell.com/tools/csp/
OpenBSD
OpenBSD does not ship SNMP code.
Qualcomm
WorldMail does not support SNMP by default, so customers who run
unmodified installations are not vulnerable.
Redback Networks, Inc.
Redback Networks, Inc. has identified that the vulnerability in
question affects certain versions of AOS software on the SMS 500,
SMS 1800, and SMS 10000 platforms, and is taking the appropriate
steps necessary to correct the issue.
Red Hat
RedHat has released a security advisiory [sic] at
http://www.redhat.com/support/errata/RHSA-2001-163.html
with updated versions of the ucd-snmp package for all supported
releases and architectures. For more information or to download the
update please visit this page.
SGI
SGI acknowledges the SNMP vulnerabilities reported by CERT and is
currently investigating. No further information is available at
this time.
For the protection of all our customers, SGI does not disclose,
discuss or confirm vulnerabilities until a full investigation has
occurred and any necessary patch(es) or release streams are
available for all vulnerable and supported IRIX operating systems.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable
and take appropriate steps according to local site security
policies and requirements. As further information becomes
available, additional advisories will be issued via the normal SGI
security information distribution methods including the wiretap
mailing list on http://www.sgi.com/support/security/.
SNMP Research International
SNMP Research has made the following vendor statement. They are
likely to revise and expand the statement as the date for the
public vulnerability announcement draws nearer. Users maintaining
earlier releases should update to the current release if they have
not already done so. Up-to-date information is available from
support@snmp.com. Other Stonesoft's products are
still under investigation. As further information becomes
available, additional advisories will be available at
http://www.stonesoft.com/support/techcenter/
Sun Microsystems, Inc.
Sun's SNMP product, Solstice Enterprise Agents (SEA), described
here:
http://www.sun.com/solstice/products/ent.agents/
is affected by VU#854306 but not VU#107186. More specifically the
main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8.
Sun is currently generating patches for this issue and will be
releasing a Sun Security Bulletin once the patches are available.
The bulletin will be available from:
http://sunsolve.sun.com/security. Sun patches are available from:
http://sunsolve.sun.com/securitypatch.
Symantec Corporation
Symantec Corporation has investigated the SNMP issues identified by
the OUSPG test suite and determined that Symantec products are not
susceptable [sic] to these issues.
TANDBERG
Tandberg have run all the testcases found the PROTOS test-suie
[sic], c06snmpv1:
1. c06-snmpv1-trap-enc-pr1.jar
2. c06-snmpv1-treq-app-pr1.jar
3. c06-snmpv1-trap-enc-pr1.jar
4. c06-snmpv1-req-app-pr1.jar
The tests were run with standard delay time between the requests
(100ms), but also with a delay of 1ms. The tests applies to all
TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The
software tested on these products were B4.0 (our latest software)
and no problems were found when running the test suite.
Appendix B. - References 1. http://www.ee.oulu.fi/research/ouspg/protos/ 2. http://www.kb.cert.org/vuls/id/854306 3. http://www.kb.cert.org/vuls/id/107186 4. http://www.cert.org/tech_tips/denial_of_service.html 5. http://www.ietf.org/rfc/rfc1067.txt 6. http://www.ietf.org/rfc/rfc1089.txt 7. http://www.ietf.org/rfc/rfc1140.txt 8. http://www.ietf.org/rfc/rfc1155.txt 9. http://www.ietf.org/rfc/rfc1156.txt 10. http://www.ietf.org/rfc/rfc1215.txt 11. http://www.ietf.org/rfc/rfc1270.txt 12. http://www.ietf.org/rfc/rfc1352.txt
Appendix C. - Background Information
Background Information on the OUSPG
OUSPG is an academic research group located at Oulu University in
Finland. The purpose of this research group is to test software
for vulnerabilities.
History has shown that the techniques used by the OUSPG have
discovered a large number of previously undetected problems in the
products and protocols they have tested. In 2001, the OUSPG
produced a comprehensive test suite for evaluating implementations
of the Lightweight Directory Access Protocol (LDAP). This test
suite was developed with the strategy of abusing the protocol in
unsupported and unexpected ways, and it was very effective in
uncovering a wide variety of vulnerabilities across several
products. This approach can reveal vulnerabilities that would not
manifest themselves under normal conditions.
After completing its work on LDAP, OUSPG moved its focus to
SNMPv1. As with LDAP, they designed a custom test suite, began
testing a selection of products, and found a number of
vulnerabilities. Because OUSPG's work on LDAP was similar in
procedure to its current work on SNMP, you may wish to review the
LDAP Test Suite and CERT Advisory CA-2001-18, which outlined
results of application of the test suite.
In order to test the security of protocols like SNMPv1, the PROTOS
project presents a server with a wide variety of sample packets
containing unexpected values or illegally formatted data. As a
member of the PROTOS project consortium, the OUSPG used the PROTOS
c06-snmpv1 test suite to study several implementations of the
SNMPv1 protocol.
Background Information on the Simple Network Management Protocol
The Simple Network Management Protocol (SNMP) is the most popular
protocol in use to manage networked devices. SNMP was designed in
the late 80's to facilitate the exchange of management information
between networked devices, operating at the application layer of
the ISO/OSI model. The SNMP protocol enables network and system
administrators to remotely monitor and configure devices on the
network (devices such as switches and routers). Software and
firmware products designed for networks often make use of the SNMP
protocol. SNMP runs on a multitude of devices and operating
systems, including, but not limited to,
+ Core Network Devices (Routers, Switches, Hubs, Bridges, and
Wireless Network Access Points)
+ Operating Systems
+ Consumer Broadband Network Devices (Cable Modems and DSL
Modems)
+ Consumer Electronic Devices (Cameras and Image Scanners)
+ Networked Office Equipment (Printers, Copiers, and FAX
Machines)
+ Network and Systems Management/Diagnostic Frameworks (Network
Sniffers and Network Analyzers)
+ Uninterruptible Power Supplies (UPS)
+ Networked Medical Equipment (Imaging Units and Oscilloscopes)
+ Manufacturing and Processing Equipment
The SNMP protocol is formally defined in RFC1157. Quoting from
that RFC:
Implicit in the SNMP architectural model is a collection
of network management stations and network elements.
Network management stations execute management
applications which monitor and control network elements.
Network elements are devices such as hosts, gateways,
terminal servers, and the like, which have management
agents responsible for performing the network management
functions requested by the network management stations.
The Simple Network Management Protocol (SNMP) is used to
communicate management information between the network
management stations and the agents in the network
elements.
Additionally, SNMP is discussed in a number of other RFC
documents:
+ RFC 3000 Internet Official Protocol Standards
+ RFC 1212 Concise MIB Definitions
+ RFC 1213 Management Information Base for Network Management
of TCP/IP-based Internets: MIB-II
+ RFC 1215 A Convention for Defining Traps for use with the
SNMP
+ RFC 1270 SNMP Communications Services
+ RFC 2570 Introduction to Version 3 of the Internet-standard
Network Management Framework
+ RFC 2571 An Architecture for Describing SNMP Management
Frameworks
+ RFC 2572 Message Processing and Dispatching for the Simple
Network Management Protocol (SNMP)
+ RFC 2573 SNMP Applications
+ RFC 2574 User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)
+ RFC 2575 View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP)
+ RFC 2576 Coexistence between Version 1, Version 2, and
Version 3 of the Internet-standard Network Management
Framework
_____________________________________________________________
The CERT Coordination Center thanks the Oulu University Secure
Programming Group for reporting these vulnerabilities to us, for
providing detailed technical analyses, and for assisting us in
preparing this advisory. We also thank Steven M. Bellovin (AT&T
Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP
Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),
Rob Thomas, Blue Boar (Thievco), and the many others who
contributed to this document.
_____________________________________________________________
Feedback on this document can be directed to the authors, Ian A.
Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D.
Householder, Marty Lindner, and Art Manion.
__________________________________________________________________
This document is available from:
http://www.cert.org/advisories/CA-2002-03.html
__________________________________________________________________
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /
EDT(GMT-4) Monday through Friday; they are on call for emergencies
during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by
email. Our public PGP key is available from
http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more
information.
Getting security information
CERT publications and other security information are available
from our web site
http://www.cert.org/
To subscribe to the CERT mailing list for advisories and
bulletins, send email to majordomo@cert.org. Please include in the
body of your message
subscribe cert-advisory
* "CERT" and "CERT Coordination Center" are registered in the U.S.
Patent and Trademark Office.
__________________________________________________________________
NO WARRANTY
Any material furnished by Carnegie Mellon University and the
Software Engineering Institute is furnished on an "as is" basis.
Carnegie Mellon University makes no warranties of any kind, either
expressed or implied as to any matter including, but not limited
to, warranty of fitness for a particular purpose or
merchantability, exclusivity or results obtained from use of the
material. Carnegie Mellon University does not make any warranty of
any kind with respect to freedom from patent, trademark, or
copyright infringement.
_____________________________________________________________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
February 12, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr uZiMJ5f2SEo= =h42e -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": "ne",
"trust": 5.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": "ne",
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.9,
"vendor": "caldera",
"version": "5.0.5"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "ios 12.0 xe",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 dc2",
"scope": "ne",
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s6",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ios 12.0 s7",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 xe?",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 wc1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xu",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "ios 12.1 ex",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "sunnet manager sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunnet manager intel",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunmc rr",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1.1"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "emulex 1gbit fibrechannel hub",
"scope": null,
"trust": 0.3,
"vendor": "sgi",
"version": null
},
{
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.1.3"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows 98se",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "gzip",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "3.1.02"
},
{
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.21"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.19"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.18"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.17"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.16"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.15"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.20"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.10"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.09"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.08"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.07"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.06"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.05"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.04"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.03"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.02"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"model": "cacheos",
"scope": null,
"trust": 0.3,
"vendor": "cacheflow",
"version": null
},
{
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"model": "ipso",
"scope": "ne",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.2"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "ios 12.0 wc 2900xl-lre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4700"
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7"
},
{
"model": "as5850",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ca1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(4.206)"
},
{
"model": "netranger sensor",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "as5200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vg248 analog phone gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2gs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7750"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(8)"
},
{
"model": "ios 12.0 wt6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1"
},
{
"model": "traffic director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ios 12.1 e5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ya2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5300",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "cbos b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 11.1 cc4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 aa4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "39203.0(7)"
},
{
"model": "secure ids network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7100"
},
{
"model": "cva120",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst native mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "ios 12.1 ea1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2sa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1005"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.015"
},
{
"model": "ios 12.2 mx1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1.200)"
},
{
"model": "bpx/igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10700"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "distributed director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2501"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "ios 12.1 yi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "ios 12.1 ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(7.202)"
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232"
},
{
"model": "ios 12.1 ec",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool vlan policy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "ios 11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8240",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7010"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst hybrid mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ios 12.0 wc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1)"
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "snmpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "ios 12.0 st5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ios 12.0 sl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.2"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 db2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "ios 12.1 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ios 12.0 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "catalyst msm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nsp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "info center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ios 12.0 wx5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "arrowpoint cs11000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure ids host sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "ios 11.1 ct",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr7200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ia",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 t12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1548"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 sx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.0 st",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8510csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xz7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2920"
},
{
"model": "ios 12.1 ea1b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "as5800",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 p2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6200"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1700"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "ios 12.1 e7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "ios 12.2 t1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 xa5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.1"
},
{
"model": "ios 12.1 ew1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ca",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.053"
},
{
"model": "catalyst 2948g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "ios 12.2 mb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ios 12.2 t0a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "ios 12.0 wc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sl6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5400",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "ios 12.0 wc2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1400"
},
{
"model": "ios 12.1 yb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(3)"
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.0 sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.8"
},
{
"model": "ubr900",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(2)"
},
{
"model": "ios 12.2 xb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 t2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 sa6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sc2200/vsc3000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wan manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "infocenter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "570"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 bc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ex",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8260",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "ios 12.2 xj1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bc1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 12.1 xm7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "catalyst supervisor module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ap352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7600"
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(7)xv"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3.210)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "505"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "netranger",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ex3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "ios 12.2 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "ios 12.0 st3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4500"
},
{
"model": "ios 12.2 xw1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 da3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons metro edge optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15327"
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microhub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1500"
},
{
"model": "ios 12.2 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232-13"
},
{
"model": "ios 11.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "mgx-8220",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "element management framework",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "catalyst 4908g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wgb340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios 12.0 s2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 gs6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "ios 12.0 xf1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "rsfc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "ios 12.1 ec1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "ios 11.1 ca2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure pix firewall",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "ios 12.2 xi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "wgb352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cat6k nam",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4001.0"
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.1 ea2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rsm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nrp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.4"
},
{
"model": "ws-x6608",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1600"
},
{
"model": "ios 12.1 xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xs?",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.9"
},
{
"model": "catalyst 8510msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
},
{
"model": "ios 12.2 ya1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "service expansion shelf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios 12.0 xe1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8110"
},
{
"model": "ios 12.1 ex4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 11.1ct",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.1 xp",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7300"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.2 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "esr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "ls1010 atm switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 dc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7.002"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "ios 12.1 xi8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "ios 11.3 db1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "800"
},
{
"model": "mc3810",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1cc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7200"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "catalyst 4912g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "cbos ap",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 0.6
},
"cve": "CVE-1999-1570",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1570",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1570",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-001",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. \nThe resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. SNMP requests are messages sent from manager to agent systems. They typically poll the agent for current performance or configuration information, ask for the next SNMP object in a Management Information Base (MIB), or modify the configuration settings of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. \nIt is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2002-03: Multiple Vulnerabilities in Many\nImplementations of the Simple Network Management Protocol (SNMP)\n\n Original release date: February 12, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history can be found at the end of this file. \n\nSystems Affected\n\n Products from a very wide variety of vendors may be affected. See\n Vendor Information for details from vendors who have provided feedback\n for this advisory. \n\n In addition to the vendors who provided feedback for this advisory, a\n list of vendors whom CERT/CC contacted regarding these problems is\n available from\n http://www.kb.cert.org/vuls/id/854306\n http://www.kb.cert.org/vuls/id/107186 \n\n Many other systems making use of SNMP may also be vulnerable but were\n not specifically tested. \n\n In addition to this advisory, we also have an FAQ available at\n http://www.cert.org/tech_tips/snmp_faq.html\n\nI. Description\n\n The Simple Network Management Protocol (SNMP) is a widely deployed\n protocol that is commonly used to monitor and manage network devices. \n Version 1 of the protocol (SNMPv1) defines several types of SNMP\n messages that are used to request information or configuration\n changes, respond to requests, enumerate SNMP objects, and send\n unsolicited alerts. The Oulu University Secure Programming Group\n (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous\n vulnerabilities in SNMPv1 implementations from many different vendors. \n More information about SNMP and OUSPG can be found in Appendix C\n\n OUSPG\u0027s research focused on the manner in which SNMPv1 agents and\n managers handle request and trap messages. A trap message\n may indicate a warning or error condition or otherwise notify the\n manager about the agent\u0027s state. Request\n messages might be issued to obtain information from an agent or to\n instruct the agent to configure the host device. \n\n Vulnerabilities in the decoding and subsequent processing of SNMP\n messages by both managers and agents may result in denial-of-service\n conditions, format string vulnerabilities, and buffer overflows. Some\n vulnerabilities do not require the SNMP message to use the correct\n SNMP community string. \n\n These vulnerabilities have been assigned the CVE identifiers\n CAN-2002-0012 and CAN-2002-0013, respectively. \n\nII. \n\nIII. Solution\n\n Note that many of the mitigation steps recommended below may have\n significant impact on your everyday network operations and/or network\n architecture. Ensure that any changes made based on the following\n recommendations will not unacceptably affect your ongoing network\n operations capability. \n\nApply a patch from your vendor\n\n Appendix A contains information provided by vendors for this advisory. \n Please consult this appendix to determine if you need to contact your\n vendor directly. \n\nDisable the SNMP service\n\n As a general rule, the CERT/CC recommends disabling any service or\n capability that is not explicitly required, including SNMP. \n Unfortunately, some of the affected products exhibited unexpected\n behavior or denial of service conditions when exposed to the OUSPG\n test suite even if SNMP was not enabled. In these cases, disabling\n SNMP should be used in conjunction with the filtering practices listed\n below to provide additional protection. \n\nIngress filtering\n\n As a temporary measure, it may be possible to limit the scope of these\n vulnerabilities by blocking access to SNMP services at the network\n perimeter. \n\n Ingress filtering manages the flow of traffic as it enters a network\n under your administrative control. Servers are typically the only\n machines that need to accept inbound traffic from the public Internet. \n In the network usage policy of many sites, there are few reasons for\n external hosts to initiate inbound traffic to machines that provide no\n public services. Thus, ingress filtering should be performed at the\n border to prohibit externally initiated inbound traffic to\n non-authorized services. For SNMP, ingress filtering of the following\n ports can prevent attackers outside of your network from impacting\n vulnerable devices in the local network that are not explicitly\n authorized to provide public SNMP services. \n\n snmp 161/udp # Simple Network Management Protocol (SNMP)\n snmp 162/udp # SNMP system management messages\n\n The following services are less common, but may be used on some\n affected products\n\n snmp 161/tcp # Simple Network Management Protocol\n (SNMP)\n snmp 162/tcp # SNMP system management messages\n smux 199/tcp # SNMP Unix Multiplexer\n smux 199/udp # SNMP Unix Multiplexer\n synoptics-relay 391/tcp # SynOptics SNMP Relay Port\n synoptics-relay 391/udp # SynOptics SNMP Relay Port\n agentx 705/tcp # AgentX\n snmp-tcp-port 1993/tcp # cisco SNMP TCP port\n snmp-tcp-port 1993/udp # cisco SNMP TCP port\n\n As noted above, you should carefully consider the impact of blocking\n services that you may be using. \n\n It is important to note that in many SNMP implementations, the SNMP\n daemon may bind to all IP interfaces on the device. This has important\n consequences when considering appropriate packet filtering measures\n required to protect an SNMP-enabled device. For example, even if a\n device disallows SNMP packets directed to the IP addresses of its\n normal network interfaces, it may still be possible to exploit these\n vulnerabilities on that device through the use of packets directed at\n the following IP addresses:\n * \"all-ones\" broadcast address\n * subnet broadcast address\n * any internal loopback addresses (commonly used in routers for\n management purposes, not to be confused with the IP stack loopback\n address 127.0.0.1)\n\n Careful consideration should be given to addresses of the types\n mentioned above by sites planning for packet filtering as part of\n their mitigation strategy for these vulnerabilities. \n\n Finally, sites may wish to block access to the following RPC services\n related to SNMP (listed as name, program ID, alternate names)\n\n snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys\n snmp-utk\n snmpv2 100138 na.snmpv2 # SNM Version 2.2.2\n snmpXdmid 100249\n\n Please note that this workaround may not protect vulnerable devices\n from internal attacks. \n\nFilter SNMP traffic from non-authorized internal hosts\n\n In many networks, only a limited number of network management systems\n need to originate SNMP request messages. This can reduce, but not wholly eliminate, the\n risk from internal attacks. However, it may have detrimental effects\n on network performance due to the increased load imposed by the\n filtering, so careful consideration is required before implementation. \n Similar caveats to the previous workaround regarding broadcast and\n loopback addresses apply. \n\nChange default community strings\n\n Most SNMP-enabled products ship with default community strings of\n \"public\" for read-only access and \"private\" for read-write access. As\n with any known default access control mechanism, the CERT/CC\n recommends that network administrators change these community strings\n to something of their own choosing. However, even when community\n strings are changed from their defaults, they will still be passed in\n plaintext and are therefore subject to packet sniffing attacks. SNMPv3\n offers additional capabilities to ensure authentication and privacy as\n described in RFC2574. \n\n Because many of the vulnerabilities identified in this advisory occur\n before the community strings are evaluated, it is important to note\n that performing this step alone is not sufficient to mitigate the\n impact of these vulnerabilities. Nonetheless, it should be performed\n as part of good security practice. \n\nSegregate SNMP traffic onto a separate management network\n\n In situations where blocking or disabling SNMP is not possible,\n exposure to these vulnerabilities may be limited by restricting all\n SNMP access to separate, isolated management networks that are not\n publicly accessible. Although this would ideally involve physically\n separate networks, that kind of separation is probably not feasible in\n most environments. Mechanisms such as virtual LANs (VLANs) may be used\n to help segregate traffic on the same physical network. Note that\n VLANs may not strictly prevent an attacker from exploiting these\n vulnerabilities, but they may make it more difficult to initiate the\n attacks. \n\n Another option is for sites to restrict SNMP traffic to separate\n virtual private networks (VPNs), which employ cryptographically strong\n authentication. \n\n Note that these solutions may require extensive changes to a site\u0027s\n network architecture. \n\nEgress filtering\n\n Egress filtering manages the flow of traffic as it leaves a network\n under your administrative control. There is typically limited need for\n machines providing public services to initiate outbound traffic to the\n Internet. In the case of SNMP vulnerabilities, employing egress\n filtering on the ports listed above at your network border can prevent\n your network from being used as a source for attacks on other sites. \n\nDisable stack execution\n\n Disabling executable stacks (on systems where this is configurable)\n can reduce the risk of \"stack smashing\" attacks based on these\n vulnerabilities. Although this does not provide 100 percent protection\n against exploitation of these vulnerabilities, it makes the likelihood\n of a successful exploit much smaller. On many UNIX systems, executable\n stacks can be disabled by adding the following lines to /etc/system:\n\n set noexec_user_stack = 1 set noexec_user_stack_log = 1\n\n Note that this may go against the SPARC and Intel ABIs and can be\n bypassed as required in programs with mprotect(2). For the changes to\n take effect you will then need to reboot. \n\n Other operating systems and architectures also support the disabling\n of executable stacks either through native configuration parameters or\n via third-party software. Consult your vendor(s) for additional\n information. \n\nShare tools and techniques\n\n Because dealing with these vulnerabilities to systems and networks is\n so complex, the CERT/CC will provide a forum where administrators can\n share ideas and techniques that can be used to develop proper\n defenses. We have created an unmoderated mailing list for system and\n network administrators to discuss helpful techniques and tools. \n\n You can subscribe to the mailing list by sending an email message to\n majordomo@cert.org. In the body of the message, type\n\n subscribe snmp-forum\n\n After you receive the confirmation message, follow the instructions in\n the message to complete the subscription process. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. As vendors report new information to the CERT/CC, we will\n update this section and note the changes in our revision history. If a\n particular vendor is not listed below, we have not received their\n comments. \n\nAdventNet\n\n This is in reference to your notification regarding [VU#107186 and\n VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this\n behavior in their products and coded a Service Pack fix which is\n currently in regression testing in AdventNet Inc.\u0027s Q.A. \n organization. The release of AdventNet Inc\u0027s. Service Pack\n correcting the behavior outlined in VU#617947, and OUSPG#0100 is\n scheduled to be generally available to all of AdventNet Inc.\u0027s\n customers by February 20, 2002. \n\nAvaya\n\n Avaya Inc. No further information is available at this time. \n\nCacheFlow\n\n The purpose of this email is to advise you that CacheFlow Inc. has\n provided a software update. Please be advised that updated versions\n of the software are now available for all supported CacheFlow\n hardware platforms, and may be obtained by CacheFlow customers at\n the following URL:\n\n http://download.cacheflow.com/\n\n The specific reference to the software update is contained within the\n Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15\n Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149. \n\n RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm\n\n RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm\n\n * SR 1-1647517, VI 13045: This update modified a potential\n vulnerability by using an SNMP test tools exploit. \n\n3Com Corporation\n\n A vulnerability to an SNMP packet with an invalid length community\n string has been resolved in the following products. Customers\n concerned about this weakness should ensure that they upgrade to\n the following agent versions:\n PS Hub 40\n 2.16 is due Feb 2002\n PS Hub 50\n 2.16 is due Feb 2002\n Dual Speed Hub\n 2.16 is due Jan 2002\n Switch 1100/3300\n 2.68 is available now\n Switch 4400\n 2.02 is available now\n Switch 4900\n 2.04 is available now\n WebCache1000/3000\n 2.00 is due Jan 2002\n\nCaldera\n\n Caldera International, Inc. has reproduced faulty behavior in\n Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX\n 8. We have coded a software fix for supported versions of Caldera\n UnixWare 7 and Caldera Open UNIX 8 that will be available from\n our support site at http://stage.caldera.com/support/security\n immediately following the publication of this CERT announcement. A\n fix for supported versions of OpenServer 5 will be available at a\n later date. \n\nCisco Systems\n\n Cisco Systems is addressing the vulnerabilities identified by\n VU#854306 and VU#107186 across its entire product line. Cisco will\n publish a security advisory with further details at\n http://www.cisco.com/go/psirt/. \n\nCompaq Computer Corporation\n\n x-ref: SSRT0779U SNMP\n At the time of writing this document, COMPAQ continues to evaluate\n this potential problem and when new versions of SNMP are available,\n COMPAQ will implement solutions based on the new code. Compaq will\n provide notice of any new patches as a result of that effort\n through standard patch notification procedures and be available\n from your normal Compaq Services support channel. \n\nComputer Associates\n\n Computer Associates has confirmed Unicenter vulnerability to the\n SNMP advisory identified by CERT notification reference [VU#107186\n \u0026 VU#854306] and OUSPG#0100. We have produced corrective\n maintenance to address these vulnerabilities, which is in the\n process of publication for all applicable releases / platforms and\n will be offered through the CA Support site. Please contact our\n Technical Support organization for information regarding\n availability / applicability for your specific configuration(s). \n\nCOMTEK Services, Inc. \n\n NMServer for AS/400 is not an SNMP master and is therefore not\n vulnerable. However this product requires the use of the AS/400\n SNMP master agent supplied by IBM. \n\n NMServer for OpenVMS has been tested and has shown to be\n vulnerable. COMTEK Services is preparing a new release of this\n product (version 3.5) which will contain a fix for this problem. \n This new release is scheduled to be available in February 2002. \n Contact COMTEK Services for further information. \n\n NMServer for VOS has not as yet been tested; vulnerability of this\n agent is unknown. Contact for further information on the testing\n schedule of the VOS product. \n\nCovalent Technologies\n\n Covalent Technologies ERS (Enterprise Ready Server), Secure Server,\n and Conductor SNMP module are not vulnerable according to testing\n performed in accordance with CERT recommendations. Security\n information for Covalent products can be found at www.covalent.net\n\nDartware, LLC\n\n Dartware, LLC (www.dartware.com) supplies two products that use\n SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present\n and past versions of these two software packages. \n\nDMH Software\n\n DMH Software is in the process of evaluating and attempting to\n reproduce this behavior. \n It is unclear at this point if our snmp-agent is sensitive to the\n tests described above. \n If any problems will be discovered, DMH Software will code a\n software fix. \n The release of DMH Software OS correcting the behavior outlined in\n VU#854306, VU#107186, and OUSPG#0100 will be generally available to\n all of DMH Software\u0027s customers as soon as possible. \n\nEnGarde Secure Linux\n\n EnGarde Secure Linux did not ship any SNMP packages in version\n 1.0.1 of our distribution, so we are not vulnerable to either bug. \n\nFreeBSD\n\n FreeBSD does not include any SNMP software by default, and so is\n not vulnerable. However, the FreeBSD Ports Collection contains the\n UCD-SNMP / NET-SNMP package. Package versions prior to\n ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release\n will ship the corrected version of the UCD-SNMP / NET-SNMP\n package. In addition, the corrected version of the packages is\n available from the FreeBSD mirrors. \n\n FreeBSD has issued the following FreeBSD Security Advisory\n regarding the UCD-SNMP / NET-SNMP package:\n ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. \n snmp.asc. \n\nHewlett-Packard Company\n\n SUMMARY - known vulnerable:\n ========================================\n hp procurve switch 2524\n NNM (Network Node Manager)\n JetDirect Firmware (Older versions only)\n HP-UX Systems running snmpd or OPENVIEW\n MC/ServiceGuard\n EMS\n Still under investigation:\n SNMP/iX (MPE/iX)\n ========================================\n _________________________________________________________\n ---------------------------------------------------------\n hp procurve switch 2524 \n ---------------------------------------------------------\n hp procurve switch 2525 (product J4813A) is vulnerable to some\n issues, patches in process. Watch for the associated HP\n Security Bulletin. \n ---------------------------------------------------------\n NNM (Network Node Manager)\n ---------------------------------------------------------\n Some problems were found in NNM product were related to\n trap handling. Patches in process. Watch for the\n associated HP Security Bulletin. \n ---------------------------------------------------------\n JetDirect Firmware (Older versions only)\n ---------------------------------------------------------\n ONLY some older versions of JetDirect Firmware are\n vulnerable to some of the issues. The older firmware\n can be upgraded in most cases, see list below. \n JetDirect Firmware Version State\n ========================== =====\n X.08.32 and higher NOT Vulnerable\n X.21.00 and higher NOT Vulnerable\n JetDirect Product Numbers that can be freely\n upgraded to X.08.32 or X.21.00 or higher firmware. \n EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)\n J3110A 10T\n J3111A 10T/10B2/LocalTalk\n J3112A Token Ring (discontinued)\n J3113A 10/100 (discontinued)\n J4169A 10/100\n J4167A Token Ring\n MIO (Peripherals LaserJet 4, 4si, 5si, etc...)\n J2550A/B 10T (discontinued)\n J2552A/B 10T/10Base2/LocalTalk (discontinued)\n J2555A/B Token Ring (discontinued)\n J4100A 10/100\n J4105A Token Ring\n J4106A 10T\n External Print Servers\n J2591A EX+ (discontinued)\n J2593A EX+3 10T/10B2 (discontinued)\n J2594A EX+3 Token Ring (discontinued)\n J3263A 300X 10/100\n J3264A 500X Token Ring\n J3265A 500X 10/100\n ----------------------------------------------------------\n HP-UX Systems running snmpd or OPENVIEW\n ----------------------------------------------------------\n The following patches are available now:\n PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch\n PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch\n PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated\n Patch\n All three patches are available from:\n http://support.openview.hp.com/cpe/patches/\n In addition PHSS_26137 and PHSS_26138 will soon be available from:\n http://itrc.hp.com\n ================================================================\n NOTE: The patches are labeled OV(Open View). However, the patches\n are also applicable to systems that are not running Open View. \n =================================================================\n Any HP-UX 10.X or 11.X system running snmpd or snmpdm is\n vulnerable. \n To determine if your HP-UX system has snmpd or snmpdm installed:\n swlist -l file | grep snmpd\n If a patch is not available for your platform or you cannot install\n an available patch, snmpd and snmpdm can be disabled by removing\n their\n entries from /etc/services and removing the execute permissions\n from\n /usr/sbin/snmpd and /usr/sbin/snmpdm. \n ----------------------------------------------------------------\n Investigation completed, systems vulnerable. \n ----------------------------------------------------------------\n MC/ServiceGuard\n Event Monitoring System (EMS)\n ----------------------------------------------------------------\n Still under investigation:\n ----------------------------------------------------------------\n SNMP/iX (MPE/iX)\n\nHirschmann Electronics GmbH \u0026 Co. KG\n\n Hirschmann Electronics GmbH \u0026 Co. KG supplies a broad range of\n networking products, some of which are affected by the SNMP\n vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence\n Center (phone +49-7127-14-1538, email:\n ans-support@nt.hirschmann.de) for additional information,\n especially regarding availability of latest firmware releases\n addressing the SNMP vulnerabilities. \n\nIBM Corporation\n\n Based upon the results of running the test suites we have\n determined that our version of SNMP shipped with AIX is NOT\n vulnerable. \n\nInnerdive Solutions, LLC\n\n Innerdive Solutions, LLC has two SNMP based products:\n 1. The \"SNMP MIB Scout\"\n (http://www.innerdive.com/products/mibscout/)\n 2. The \"Router IP Console\" (http://www.innerdive.com/products/ric/)\n The \"SNMP MIB Scout\" is not vulnerable to either bug. \n The \"Router IP Console\" releases prior to 3.3.0.407 are vulnerable. \n The release of \"Router IP Console\" correcting the behavior outlined\n in OUSPG#0100 is 3.3.0.407 and is already available on our site. \n Also, we will notify all our customers about this new release no\n later than March 5, 2002. \n\nJuniper Networks\n\n This is in reference to your notification regarding CAN-2002-0012\n and CAN-2002-0013. Juniper Networks has reproduced this behavior\n and coded a software fix. The fix will be included in all releases\n of JUNOS Internet software built after January 5, 2002. Customers\n with current support contracts can download new software with the\n fix from Juniper\u0027s web site at www.juniper.net. \n Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can\n only be reproduced in JUNOS Internet software if certain tracing\n options are enabled. These options are generally not enabled in\n production routers. \n\nLantronix, Inc. \n\n Lantronix is committed to resolving security issues with our\n products. The SNMP security bug you reported has been fixed in LRS\n firmware version B1.3/611(020123). \n\nLotus Development Corporation\n\n Lotus Software evaluated the Lotus Domino Server for\n vulnerabilities using the test suite materials provided by OUSPG. \n This problem does not affect default installations of the Domino\n Server. However, SNMP agents can be installed from the CD to\n provide SNMP services for the Domino Server (these are located in\n the /apps/sysmgmt/agents directory). The optional platform\n specific master and encapsulator agents included with the Lotus\n Domino SNMP Agents for HP-UX and Solaris have been found to be\n vulnerable. For those platforms, customers should upgrade to\n version R5.0.1 a of the Lotus Domino SNMP Agents, available for\n download from the Lotus Knowledge Base on the IBM Support Web Site\n (http://www.ibm.com/software/lotus/support/). Please refer to\n Document #191059, \"Lotus Domino SNMP Agents R5.0.1a\", also in the\n Lotus Knowledge Base, for more details. \n\nLOGEC Systems Inc\n\n The products from LOGEC Systems are exposed to SNMP only via HP\n OpenView. We do not have an implementation of SNMP ourselves. As\n such, there is nothing in our products that would be an issue with\n this alert. \n\nLucent\n\n Lucent is aware of reports that there is a vulnerability in certain\n implementations of the SNMP (Simple Network Management Protocol)\n code that is used in data switches and other hardware throughout\n the telecom industry. \n As soon as we were notified by CERT, we began assessing our product\n portfolio and notifying customers with products that might be\n affected. \n Our 5ESS switch and most of our optical portfolio were not\n affected. Our core and edge ATM switches and most of our edge\n access products are affected, but we have developed, tested, and\n deployed fixes for many of those products to our customers. \n We consider the security and reliability of our customers\u0027 networks\n to be one of our critical measures of success. We take every\n reasonable measure to ensure their satisfaction. \n In addition, we are working with customers on ways to further\n enhance the security they have in place today. \n\nMarconi\n\n Marconi supplies a broad range of telecommunications and related\n products, some of which are affected by the SNMP vulnerabilities\n identified here. Those\n Marconi customers with support entitlement may contact the\n appropriate Technical Assistance Center (TAC) for additional\n information. Those not under support entitlement may contact their\n sales representative. \n\nMicrosoft Corporation\n\n The Microsoft Security Reponse [sic] Center has investigated this\n issue, and provides the following information. The SNMP v1 service is not installed or running by\n default on any version of Windows. A patch is underway to eliminate\n the vulnerability. In the meantime, we recommend that affected\n customers disable the SNMP v1 service. \n\n Details:\n An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE. \n It is not installed or running by default on any of these\n platforms. An SNMP v1 is NOT provided for Windows ME. However, it\n is possible that Windows 98 machines which had the service\n installed and were upgraded would still have the service. Since\n SNMP is not supported for WinME, customers in this situation are\n urged to remove the SNMP service. \n An SNMP v1 service is available on Windows NT 4.0 (including\n Terminal Server Edition) and Windows 2000 but is not installed or\n running by default on any of these platforms.Windows XP does not\n ship with an SNMP v1 service. \n\n Remediation:\n A patch is underway for the affected platforms, and will be\n released shortly. In the meantime, Microsoft recommends that\n customers who have the SNMP v1 service running disable it to\n protect their systems. Following are instruction for doing this:\n\n Windows 95, 98 and 98SE:\n 1. In Control Panel, double-click Network. \n 2. On the Configuration tab, select Microsoft SNMP Agent from the\n list of installed components. \n 3. Click Remove\n\n Check the following keys and confirm that snmp.exe is not listed. \n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunSer\n vices\n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n \n For Windows XP:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n \n For Windows NT 4.0 (including Terminal Server Edition):\n 1. Select Start, then Settings. \n 2. Select Control Panel, then click on the Services Icon\n 3. Locate SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close Control Panel\n\n Windows 2000:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n\nMultinet\n\n MultiNet and TCPware customers should contact Process Software to\n check for the availability of patches for this issue. A couple of\n minor problems were found and fixed, but there is no security risk\n related to the SNMP code included with either product. \n\nNetaphor\n\n NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP\n Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,\n two Java based products that may be affected by the SNMP\n vulnerabilities identified here. The manner in which they are\n affected and the actions required (if any) to avoid being impacted\n by exploitation of these vulnerabilities, may be obtained by\n contacting Netaphor via email at info@netaphor.com Customers with\n annual support may contact support@netaphor.com directly. Those not\n under support entitlement may contact Netaphor sales:\n sales@netaphor.com or (949) 470 7955 in USA. \n\nNetBSD\n\n NetBSD does not ship with any SNMP tools in our \u0027base\u0027 releases. We\n do provide optional packages which provide various support for\n SNMP. These packages are not installed by default, nor are they\n currently provided as an install option by the operating system\n installation tools. A system administrator/end-user has to manually\n install this with our package management tools. These SNMP packages\n include:\n + netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for\n netsaint)\n + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)\n + p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP\n library\n + p5-SNMP_Session-0.83 (perl5 module providing rudimentary\n access to remote SNMP agents)\n + ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.1.2)\n + ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.2.1)\n\n We do provide a software monitoring mechanism called\n \u0027audit-packages\u0027, which allows us to highlight if a package with a\n range of versions has a potential vulnerability, and recommends\n that the end-user upgrade the packages in question. \n\nNetscape Communications Corporation\n\n Netscape continues to be committed to maintaining a high level of\n quality in our software and service offerings. Part of this\n commitment includes prompt response to security issues discovered\n by organizations such as the CERT Coordination Center. \n According to a recent CERT/CC advisory, The Oulu University Secure\n Programming Group (OUSPG) has reported numerous vulnerabilities in\n multiple vendor SNMPv1 implementations. \n We have carefully examined the reported findings, performing the\n tests suggested by the OUSPG to determine whether Netscape server\n products were subject to these vulnerabilities. It was determined\n that several products fell into this category. As a result, we have\n created fixes which will resolve the issues, and these fixes will\n appear in future releases of our product line. To Netscape\u0027s\n knowledge, there are no known instances of these vulnerabilities\n being exploited and no customers have been affected to date. \n When such security warnings are issued, Netscape has committed to -\n and will continue to commit to - resolving these issues in a prompt\n and timely fashion, ensuring that our customers receive products of\n the highest quality and security. \n\nNET-SNMP\n\n All ucd-snmp version prior to 4.2.2 are susceptible to this\n vulnerability and users of versions prior to version 4.2.2 are\n encouraged to upgrade their software as soon as possible\n (http://www.net-snmp.org/download/). Version 4.2.2 and higher are\n not susceptible. \n\nNetwork Associates\n\n PGP is not affected, impacted, or otherwise related to this VU#. \n\nNetwork Computing Technologies\n\n Network Computing Technologies has reviewed the information\n regarding SNMP vulnerabilities and is currently investigating the\n impact to our products. \n\nNokia\n\n This vulnerability is known to affect IPSO versions 3.1.3, 3.3,\n 3.3.1, 3.4, and 3.4.1. Patches are currently available for\n versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia\n website. In addition, version 3.4.2 shipped with the patch\n incorporated, and the necessary fix will be included in all future\n releases of IPSO. \n We recommend customers install the patch immediately or follow the\n recommended precautions below to avoid any potential exploit. \n If you are not using SNMP services, including Traps, simply disable\n the SNMP daemon to completely eliminate the potential\n vulnerability. \n If you are using only SNMP Traps and running Check Point\n FireWall-1, create a firewall policy to disallow incoming SNMP\n messages on all appropriate interfaces. Traps will continue to work\n normally. \n\nNortel Networks\n\n The CERT Coordination Center has issued a broad based alert to the\n technology industry, including Nortel Networks, regarding potential\n security vulnerabilities identified in the Simple Network\n Management Protocol (SNMP), a common networking standard. The\n company is working with CERT and other network equipment\n manufacturers, the U.S. Government, service providers, and software\n suppliers to assess and address this issue. \n\nNovell\n\n Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x\n and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on\n NetWare are fixed and will be available through NetWare 6 Support\n Pack 1 \u0026 NetWare 5.1 Support Pack 4. Support packs are available at\n http://support.novell.com/tools/csp/\n\nOpenBSD\n\n OpenBSD does not ship SNMP code. \n\nQualcomm\n\n WorldMail does not support SNMP by default, so customers who run\n unmodified installations are not vulnerable. \n\nRedback Networks, Inc. \n\n Redback Networks, Inc. has identified that the vulnerability in\n question affects certain versions of AOS software on the SMS 500,\n SMS 1800, and SMS 10000 platforms, and is taking the appropriate\n steps necessary to correct the issue. \n\nRed Hat\n\n RedHat has released a security advisiory [sic] at\n http://www.redhat.com/support/errata/RHSA-2001-163.html\n with updated versions of the ucd-snmp package for all supported\n releases and architectures. For more information or to download the\n update please visit this page. \n\nSGI\n\n SGI acknowledges the SNMP vulnerabilities reported by CERT and is\n currently investigating. No further information is available at\n this time. \n For the protection of all our customers, SGI does not disclose,\n discuss or confirm vulnerabilities until a full investigation has\n occurred and any necessary patch(es) or release streams are\n available for all vulnerable and supported IRIX operating systems. \n Until SGI has more definitive information to provide, customers are\n encouraged to assume all security vulnerabilities as exploitable\n and take appropriate steps according to local site security\n policies and requirements. As further information becomes\n available, additional advisories will be issued via the normal SGI\n security information distribution methods including the wiretap\n mailing list on http://www.sgi.com/support/security/. \n\nSNMP Research International\n\n SNMP Research has made the following vendor statement. They are\n likely to revise and expand the statement as the date for the\n public vulnerability announcement draws nearer. Users maintaining\n earlier releases should update to the current release if they have\n not already done so. Up-to-date information is available from\n support@snmp.com. Other Stonesoft\u0027s products are\n still under investigation. As further information becomes\n available, additional advisories will be available at\n http://www.stonesoft.com/support/techcenter/\n\nSun Microsystems, Inc. \n\n Sun\u0027s SNMP product, Solstice Enterprise Agents (SEA), described\n here:\n http://www.sun.com/solstice/products/ent.agents/\n is affected by VU#854306 but not VU#107186. More specifically the\n main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. \n Sun is currently generating patches for this issue and will be\n releasing a Sun Security Bulletin once the patches are available. \n The bulletin will be available from:\n http://sunsolve.sun.com/security. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch. \n\nSymantec Corporation\n\n Symantec Corporation has investigated the SNMP issues identified by\n the OUSPG test suite and determined that Symantec products are not\n susceptable [sic] to these issues. \n\nTANDBERG\n\n Tandberg have run all the testcases found the PROTOS test-suie\n [sic], c06snmpv1:\n 1. c06-snmpv1-trap-enc-pr1.jar\n 2. c06-snmpv1-treq-app-pr1.jar\n 3. c06-snmpv1-trap-enc-pr1.jar\n 4. c06-snmpv1-req-app-pr1.jar\n The tests were run with standard delay time between the requests\n (100ms), but also with a delay of 1ms. The tests applies to all\n TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The\n software tested on these products were B4.0 (our latest software)\n and no problems were found when running the test suite. \n\nAppendix B. - References\n 1. http://www.ee.oulu.fi/research/ouspg/protos/\n 2. http://www.kb.cert.org/vuls/id/854306\n 3. http://www.kb.cert.org/vuls/id/107186\n 4. http://www.cert.org/tech_tips/denial_of_service.html\n 5. http://www.ietf.org/rfc/rfc1067.txt\n 6. http://www.ietf.org/rfc/rfc1089.txt\n 7. http://www.ietf.org/rfc/rfc1140.txt\n 8. http://www.ietf.org/rfc/rfc1155.txt\n 9. http://www.ietf.org/rfc/rfc1156.txt\n 10. http://www.ietf.org/rfc/rfc1215.txt\n 11. http://www.ietf.org/rfc/rfc1270.txt\n 12. http://www.ietf.org/rfc/rfc1352.txt\n\nAppendix C. - Background Information\n\n Background Information on the OUSPG\n\n OUSPG is an academic research group located at Oulu University in\n Finland. The purpose of this research group is to test software\n for vulnerabilities. \n History has shown that the techniques used by the OUSPG have\n discovered a large number of previously undetected problems in the\n products and protocols they have tested. In 2001, the OUSPG\n produced a comprehensive test suite for evaluating implementations\n of the Lightweight Directory Access Protocol (LDAP). This test\n suite was developed with the strategy of abusing the protocol in\n unsupported and unexpected ways, and it was very effective in\n uncovering a wide variety of vulnerabilities across several\n products. This approach can reveal vulnerabilities that would not\n manifest themselves under normal conditions. \n After completing its work on LDAP, OUSPG moved its focus to\n SNMPv1. As with LDAP, they designed a custom test suite, began\n testing a selection of products, and found a number of\n vulnerabilities. Because OUSPG\u0027s work on LDAP was similar in\n procedure to its current work on SNMP, you may wish to review the\n LDAP Test Suite and CERT Advisory CA-2001-18, which outlined\n results of application of the test suite. \n In order to test the security of protocols like SNMPv1, the PROTOS\n project presents a server with a wide variety of sample packets\n containing unexpected values or illegally formatted data. As a\n member of the PROTOS project consortium, the OUSPG used the PROTOS\n c06-snmpv1 test suite to study several implementations of the\n SNMPv1 protocol. \n\n Background Information on the Simple Network Management Protocol\n \n The Simple Network Management Protocol (SNMP) is the most popular\n protocol in use to manage networked devices. SNMP was designed in\n the late 80\u0027s to facilitate the exchange of management information\n between networked devices, operating at the application layer of\n the ISO/OSI model. The SNMP protocol enables network and system\n administrators to remotely monitor and configure devices on the\n network (devices such as switches and routers). Software and\n firmware products designed for networks often make use of the SNMP\n protocol. SNMP runs on a multitude of devices and operating\n systems, including, but not limited to,\n + Core Network Devices (Routers, Switches, Hubs, Bridges, and\n Wireless Network Access Points)\n + Operating Systems\n + Consumer Broadband Network Devices (Cable Modems and DSL\n Modems)\n + Consumer Electronic Devices (Cameras and Image Scanners)\n + Networked Office Equipment (Printers, Copiers, and FAX\n Machines)\n + Network and Systems Management/Diagnostic Frameworks (Network\n Sniffers and Network Analyzers)\n + Uninterruptible Power Supplies (UPS)\n + Networked Medical Equipment (Imaging Units and Oscilloscopes)\n + Manufacturing and Processing Equipment\n The SNMP protocol is formally defined in RFC1157. Quoting from\n that RFC:\n\n Implicit in the SNMP architectural model is a collection\n of network management stations and network elements. \n Network management stations execute management\n applications which monitor and control network elements. \n Network elements are devices such as hosts, gateways,\n terminal servers, and the like, which have management\n agents responsible for performing the network management\n functions requested by the network management stations. \n The Simple Network Management Protocol (SNMP) is used to\n communicate management information between the network\n management stations and the agents in the network\n elements. \n\n Additionally, SNMP is discussed in a number of other RFC\n documents:\n + RFC 3000 Internet Official Protocol Standards\n + RFC 1212 Concise MIB Definitions\n + RFC 1213 Management Information Base for Network Management\n of TCP/IP-based Internets: MIB-II\n + RFC 1215 A Convention for Defining Traps for use with the\n SNMP\n + RFC 1270 SNMP Communications Services\n + RFC 2570 Introduction to Version 3 of the Internet-standard\n Network Management Framework\n + RFC 2571 An Architecture for Describing SNMP Management\n Frameworks\n + RFC 2572 Message Processing and Dispatching for the Simple\n Network Management Protocol (SNMP)\n + RFC 2573 SNMP Applications\n + RFC 2574 User-based Security Model (USM) for version 3 of the\n Simple Network Management Protocol (SNMPv3)\n + RFC 2575 View-based Access Control Model (VACM) for the\n Simple Network Management Protocol (SNMP)\n + RFC 2576 Coexistence between Version 1, Version 2, and\n Version 3 of the Internet-standard Network Management\n Framework\n _____________________________________________________________\n\n The CERT Coordination Center thanks the Oulu University Secure\n Programming Group for reporting these vulnerabilities to us, for\n providing detailed technical analyses, and for assisting us in\n preparing this advisory. We also thank Steven M. Bellovin (AT\u0026T\n Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP\n Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),\n Rob Thomas, Blue Boar (Thievco), and the many others who\n contributed to this document. \n _____________________________________________________________\n\n Feedback on this document can be directed to the authors, Ian A. \n Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. \n Householder, Marty Lindner, and Art Manion. \n __________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-03.html\n __________________________________________________________________\n\n CERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n \n Using encryption\n We strongly urge you to encrypt sensitive information sent by\n email. Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n If you prefer to use DES, please call the CERT hotline for more\n information. \n \n Getting security information\n CERT publications and other security information are available\n from our web site\n http://www.cert.org/\n To subscribe to the CERT mailing list for advisories and\n bulletins, send email to majordomo@cert.org. Please include in the\n body of your message\n \n subscribe cert-advisory\n \n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n __________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the\n Software Engineering Institute is furnished on an \"as is\" basis. \n Carnegie Mellon University makes no warranties of any kind, either\n expressed or implied as to any matter including, but not limited\n to, warranty of fitness for a particular purpose or\n merchantability, exclusivity or results obtained from use of the\n material. Carnegie Mellon University does not make any warranty of\n any kind with respect to freedom from patent, trademark, or\n copyright infringement. \n _____________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n Copyright 2002 Carnegie Mellon University. \n\nRevision History\n\n February 12, 2002: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU\nR1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl\nQUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr\nuZiMJ5f2SEo=\n=h42e\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4089",
"trust": 2.7
},
{
"db": "BID",
"id": "4132",
"trust": 1.9
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "NVD",
"id": "CVE-1999-1570",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 0.9
},
{
"db": "BID",
"id": "4088",
"trust": 0.8
},
{
"db": "VULN-DEV",
"id": "20020509 SAR -O EXPLOITATION PROCESS INFO.",
"trust": 0.6
},
{
"db": "XF",
"id": "8989",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "19990909 19 SCO 5.0.5+SKUNWARE98 BUFFER OVERFLOWS",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2002-SCO.17",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "25758",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"id": "VAR-200205-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42828385666666663
},
"last_update_date": "2025-04-03T22:25:20.962000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.7,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.7,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"trust": 1.6,
"url": "ftp://stage.caldera.com/pub/security/openserver/cssa-2002-sco.17/cssa-2002-sco.17.txt"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 0.7,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f43365"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f46343"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1352.txt"
},
{
"trust": 0.1,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/tech_tips/snmp_faq.html"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.1.02/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/ric/)"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 0.1,
"url": "https://www.juniper.net."
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt/."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1067.txt"
},
{
"trust": 0.1,
"url": "https://www.dartware.com)"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1140.txt"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://www.sun.com/solstice/products/ent.agents/"
},
{
"trust": 0.1,
"url": "http://stage.caldera.com/support/security"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/)"
},
{
"trust": 0.1,
"url": "http://www.net-snmp.org/download/)."
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.ibm.com/software/lotus/support/)."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/sa/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1156.txt"
},
{
"trust": 0.1,
"url": "http://support.novell.com/tools/csp/"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/cpe/patches/"
},
{
"trust": 0.1,
"url": "https://www.covalent.net"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/mibscout/)"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/security."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1155.txt"
},
{
"trust": 0.1,
"url": "http://www.stonesoft.com/support/techcenter/"
},
{
"trust": 0.1,
"url": "http://www.sgi.com/support/security/."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1089.txt"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/3.1.22/relnotes.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2002-02-12T22:54:19",
"db": "PACKETSTORM",
"id": "25758"
},
{
"date": "2002-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"date": "2002-05-01T04:00:00",
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-001"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "4089"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
],
"trust": 0.9
}
}
VAR-200505-0723
Vulnerability from variot - Updated: 2025-04-03 21:19The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). When a packet of this type is handled, an infinite loop is initiated and the affected system halts. A remote attacker may exploit this issue to deny service for legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0723",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "datacenter_64-bit"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "enterprise_64-bit"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "enterprise"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "standard"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "web"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.31"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt enterprise server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.0"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.34"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.12"
},
{
"model": "windows nt workstation sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.1"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1.x"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.16"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.38"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.1"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.36"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.10"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.33"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.9"
},
{
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "2.1"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "ios a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.19"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "ios f1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.35"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "cmw+",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios/700",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.30"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "95"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2.10"
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.37"
},
{
"model": "sunos u1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.3"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "6.1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.32"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios p",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.9"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "7.0.1"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "windows nt server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows server web edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.30"
}
],
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konrad Malewski\u203b koyot@moon.ondraszek.ds.polsl.gliwice.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1649",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-1649",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-1649",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2005-1649",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-1102",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the \"Land\" vulnerability (CVE-1999-0016). \nWhen a packet of this type is handled, an infinite loop is initiated and the affected system halts. \nA remote attacker may exploit this issue to deny service for legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "BID",
"id": "13658"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-1649",
"trust": 2.7
},
{
"db": "BID",
"id": "13658",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2005-0559",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332",
"trust": 0.8
},
{
"db": "NTBUGTRAQ",
"id": "20050516 WINDOWS (XP, 2K3, LONGHORN) IS VULNERABLE TO IPV6 LAND ATTACK.",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"id": "VAR-200505-0723",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.36792661
},
"last_update_date": "2025-04-03T21:19:42.030000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.microsoft.com/ja/jp/default.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13658"
},
{
"trust": 1.6,
"url": "http://www.ntbugtraq.com/default.aspx?pid=36\u0026sid=1\u0026a2=ind0505\u0026l=ntbugtraq\u0026p=r409\u0026d=0\u0026f=n\u0026h=0\u0026o=d\u0026t=0"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2005/0559"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2005/0559"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1649"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1649"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q165/0/05.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q177/5/39.asp"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/archive/1/392354"
},
{
"trust": 0.3,
"url": "/archive/1/392642"
},
{
"trust": 0.3,
"url": "/archive/1/393045"
},
{
"trust": 0.3,
"url": "/archive/1/400188"
},
{
"trust": 0.3,
"url": "/archive/1/392354"
}
],
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-17T00:00:00",
"db": "BID",
"id": "13658"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"date": "1997-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"date": "2005-05-18T04:00:00",
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13658"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"date": "2005-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1102"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows Illegal in IPv6 Service disruption due to packets (Dos) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
],
"trust": 0.6
}
}
VAR-199708-0008
Vulnerability from variot - Updated: 2025-04-03 20:54ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. McAfee Data Loss Prevention (DLP) is a set of data loss prevention solutions from McAfee. The solution protects intellectual property and ensures compliance by protecting the environment in which sensitive data resides (on-premise, in the cloud, or on the endpoint). Cross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in McAfee DLP. When the user browses the affected website, his browser will execute any script code provided by the attacker, which may cause the attacker to steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, or other forms may exist. s attack. Other attacks may also be possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199708-0008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "os2",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "netware",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": null
},
{
"model": "macos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": null
},
{
"model": "unix",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": null
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": null
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": null
},
{
"model": "kernel",
"scope": null,
"trust": 0.6,
"vendor": "linux",
"version": null
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.1"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.0"
},
{
"model": "network data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.6"
},
{
"model": "network data loss prevention",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
}
],
"sources": [
{
"db": "BID",
"id": "61811"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ANZ Bank, BAE Systems, Graham Bell of Stratsec.Detica, Jamie Ooi, DirecTV, Xylinx, and Telstra",
"sources": [
{
"db": "BID",
"id": "61811"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
}
],
"trust": 0.9
},
"cve": "CVE-1999-0524",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-1999-0524",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-522",
"impactScore": 0.0,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-0524",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-199708-003",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-522",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. McAfee Data Loss Prevention (DLP) is a set of data loss prevention solutions from McAfee. The solution protects intellectual property and ensures compliance by protecting the environment in which sensitive data resides (on-premise, in the cloud, or on the endpoint). \nCross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in McAfee DLP. When the user browses the affected website, his browser will execute any script code provided by the attacker, which may cause the attacker to steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, or other forms may exist. s attack. Other attacks may also be possible",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0524"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "VULHUB",
"id": "VHN-522"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "MCAFEE",
"id": "SB10053",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-1999-0524",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "95",
"trust": 1.7
},
{
"db": "BID",
"id": "61811",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-522",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"id": "VAR-199708-0008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T20:54:37.187000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10053"
},
{
"trust": 1.7,
"url": "http://descriptions.securescout.com/tc/11010"
},
{
"trust": 1.7,
"url": "http://descriptions.securescout.com/tc/11011"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/95"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/306"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/322"
},
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.6,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?cmd=displaykc\u0026externalid=1434"
},
{
"trust": 1.0,
"url": "https://support.f5.com/csp/article/k15277"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/61811"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/us/products/data-protection/data-loss-prevention.aspx"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10053"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?cmd=displaykc\u0026amp;externalid=1434"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-522"
},
{
"db": "BID",
"id": "61811"
},
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1997-08-01T00:00:00",
"db": "VULHUB",
"id": "VHN-522"
},
{
"date": "2013-08-13T00:00:00",
"db": "BID",
"id": "61811"
},
{
"date": "1997-08-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"date": "2013-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"date": "1997-08-01T04:00:00",
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-522"
},
{
"date": "2013-08-13T00:00:00",
"db": "BID",
"id": "61811"
},
{
"date": "2022-11-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199708-003"
},
{
"date": "2013-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-265"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-0524"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux kernel Information disclosure vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199708-003"
}
],
"trust": 0.6
}
}
VAR-199712-0007
Vulnerability from variot - Updated: 2025-04-03 20:40Land IP denial of service. MSN Messenger clients before version 7.0 will allow remote attackers to take control of a computer if malicious GIF files are processed. Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. The TCP/IP network protocol stack is the most widely used network protocol for Internet networking implemented by most operating systems. There are loopholes in the TCP/IP protocol stack implementation of early BSD-derived systems (except Linux) and Windows systems, and remote attackers can use this loophole to carry out denial-of-service attacks on the server. Due to problems in the implementation of TCP/IP, the target system may have problems processing such malformed packets. Many old versions of UNIX-like operating systems will crash, and NT's CPU resource usage will be close to 100\% (for about five minutes).
The vulnerability is caused due to improper handling of IP packets with the same destination and source IP and the SYN flag set. This causes a system to consume all available CPU resources for a certain period of time.
This kind of attack was first reported in 1997 and became known as LAND attacks.
SOLUTION: Filter traffic with the same IP address as source and destination address at the perimeter.
The vulnerability is caused due to a boundary error in the SMTP service within the handling of a certain extended verb request. This can be exploited to cause a heap-based buffer overflow by connecting to the SMTP service and issuing a specially crafted command. Instead, this requires permissions usually only granted to other Exchange servers in a domain.
Microsoft Exchange 2000 Server (requires SP3): http://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66
Microsoft Exchange Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267
Microsoft Exchange Server 2003 (requires SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC
The following versions are not affected: * Microsoft Exchange Server 5.5 SP4 * Microsoft Exchange Server 5.0 SP2
PROVIDED AND/OR DISCOVERED BY: Mark Dowd and Ben Layer, ISS X-Force.
ORIGINAL ADVISORY: MS05-021 (KB894549): http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx
ISS X-Force: http://xforce.iss.net/xforce/alerts/id/193
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA05-102A
Multiple Vulnerabilities in Microsoft Windows Components
Original release date: April 12, 2005 Last revised: -- Source: US-CERT
Systems Affected
* Microsoft Windows Systems
For a complete list of affected versions of the Windows operating systems and components, refer to the Microsoft Security Bulletins.
Overview
Microsoft has released a Security Bulletin Summary for April, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Details of the vulnerabilities and their impacts are provided below.
I. Description
The list below provides a mapping between Microsoft's Security Bulletins and the related US-CERT Vulnerability Notes. More information related to the vulnerabilities is available in these documents.
III. Solution
Apply a patch
Microsoft has provided the patches for these vulnerabilities in the Security Bulletins and on Windows Update.
Appendix A. References
* Microsoft's Security Bulletin Summary for April, 2005 - <
http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx>
* US-CERT Vulnerability Note VU#774338 -
<http://www.kb.cert.org/vuls/id/774338>
* US-CERT Vulnerability Note VU#756122 -
<http://www.kb.cert.org/vuls/id/756122>
* US-CERT Vulnerability Note VU#222050 -
<http://www.kb.cert.org/vuls/id/222050>
* US-CERT Vulnerability Note VU#275193 -
<http://www.kb.cert.org/vuls/id/275193>
* US-CERT Vulnerability Note VU#633446 -
<http://www.kb.cert.org/vuls/id/633446>
* US-CERT Vulnerability Note VU#233754 -
<http://www.kb.cert.org/vuls/id/233754>
Feedback can be directed to the authors: Will Dormann, Jeff Gennari, Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff Havrilla.
This document is available from:
<http://www.us-cert.gov/cas/techalerts/TA05-102A.html>
Copyright 2005 Carnegie Mellon University.
Terms of use: http://www.us-cert.gov/legal.html
Revision History
April 12, 2005: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQlxwexhoSezw4YfQAQJ4RAf/bTgaa6SBDMJveqW/GnQET79F9aVPM1S2 glam1w4YFyOdyIHpDYqQZRBqgXgpJjel/MiH02tZreU5mgIjkPIWA3gleepyWvnN 7VYv8KcbSnyvGxDl/8K2YjFz550gxA3pkRD7IiqdpOums87lJ7xM7sjdUY0ZA8aF JEvA4gfndpgLSuISV7Gf8y1s4MU329DurNy3t8W4EB9Iuef/E4Z058IvHnz9dTnT XwBnyW1KfH2Ohpy7QBOtcXt1wXU8X0F+d01g/VZmTL7xVwXmcPi8UpS7bPK8A17+ asqo582KjZVR56iL7fqNQzsrXUGZncEnX/8QOhi3Ym2LfAEkKrg3rw== =BY/p -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199712-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 5.6,
"vendor": "microsoft",
"version": null
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "4.1.3u1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.30"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.01"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "5.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.03"
},
{
"model": "winsock",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.07"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.05"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "windows 95",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.04"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7000"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.1"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "windows nt sp5",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.31"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "windows nt sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt enterprise server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.0"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.34"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.12"
},
{
"model": "windows nt workstation sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.1"
},
{
"model": "windows nt sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1.x"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.16"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.38"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.1"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.36"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows nt sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.10"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.33"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.9"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "2.1"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt sp3 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.19"
},
{
"model": "ios f1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.35"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "cmw+",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios/700",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.30"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "95"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2.10"
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.37"
},
{
"model": "sunos u1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.3"
},
{
"model": "windows nt sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "6.1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.32"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios p",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.9"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "7.0.1"
},
{
"model": "windows nt sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "windows nt server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "windows server web edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "m3lt meltman@lagged.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
],
"trust": 0.6
},
"cve": "CVE-1999-0016",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-1999-0016",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-16",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-0016",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#774338",
"trust": 0.8,
"value": "21.80"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#756122",
"trust": 0.8,
"value": "21.80"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#222050",
"trust": 0.8,
"value": "4.36"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#633446",
"trust": 0.8,
"value": "23.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#396645",
"trust": 0.8,
"value": "12.15"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#233754",
"trust": 0.8,
"value": "12.29"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#275193",
"trust": 0.8,
"value": "36.15"
},
{
"author": "CNNVD",
"id": "CNNVD-199712-002",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-16",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-1999-0016",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Land IP denial of service. MSN Messenger clients before version 7.0 will allow remote attackers to take control of a computer if malicious GIF files are processed. Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. A number of TCP/IP stacks are vulnerable to a \"loopback\" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices \u0026amp; Catalyst switches, and HP-UX up to 11.00. \nIt is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. \n**Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. The TCP/IP network protocol stack is the most widely used network protocol for Internet networking implemented by most operating systems. There are loopholes in the TCP/IP protocol stack implementation of early BSD-derived systems (except Linux) and Windows systems, and remote attackers can use this loophole to carry out denial-of-service attacks on the server. Due to problems in the implementation of TCP/IP, the target system may have problems processing such malformed packets. Many old versions of UNIX-like operating systems will crash, and NT\u0027s CPU resource usage will be close to 100\\\\% (for about five minutes). \n\nThe vulnerability is caused due to improper handling of IP packets\nwith the same destination and source IP and the SYN flag set. This\ncauses a system to consume all available CPU resources for a certain\nperiod of time. \n\nThis kind of attack was first reported in 1997 and became known as\nLAND attacks. \n\nSOLUTION:\nFilter traffic with the same IP address as source and destination\naddress at the perimeter. \n\nThe vulnerability is caused due to a boundary error in the SMTP\nservice within the handling of a certain extended verb request. This\ncan be exploited to cause a heap-based buffer overflow by connecting\nto the SMTP service and issuing a specially crafted command. Instead, this requires permissions\nusually only granted to other Exchange servers in a domain. \n\nMicrosoft Exchange 2000 Server (requires SP3):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66\n\nMicrosoft Exchange Server 2003:\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267\n\nMicrosoft Exchange Server 2003 (requires SP1):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC\n\nThe following versions are not affected:\n* Microsoft Exchange Server 5.5 SP4\n* Microsoft Exchange Server 5.0 SP2\n\nPROVIDED AND/OR DISCOVERED BY:\nMark Dowd and Ben Layer, ISS X-Force. \n\nORIGINAL ADVISORY:\nMS05-021 (KB894549):\nhttp://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx\n\nISS X-Force:\nhttp://xforce.iss.net/xforce/alerts/id/193\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System \n\n Technical Cyber Security Alert TA05-102A \n\nMultiple Vulnerabilities in Microsoft Windows Components\n\n Original release date: April 12, 2005\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Microsoft Windows Systems\n\n For a complete list of affected versions of the Windows operating\n systems and components, refer to the Microsoft Security Bulletins. \n\n\nOverview\n\n Microsoft has released a Security Bulletin Summary for April, 2005. \n This summary includes several bulletins that address\n vulnerabilities in various Windows applications and\n components. Details of\n the vulnerabilities and their impacts are provided below. \n\n\nI. Description\n\n The list below provides a mapping between Microsoft\u0027s Security\n Bulletins and the related US-CERT Vulnerability Notes. More\n information related to the vulnerabilities is available in these\n documents. \n\n\nIII. Solution\n\nApply a patch\n\n Microsoft has provided the patches for these vulnerabilities in the\n Security Bulletins and on Windows Update. \n\n\nAppendix A. References\n\n * Microsoft\u0027s Security Bulletin Summary for April, 2005 - \u003c\n http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx\u003e\n\n * US-CERT Vulnerability Note VU#774338 -\n \u003chttp://www.kb.cert.org/vuls/id/774338\u003e\n\n * US-CERT Vulnerability Note VU#756122 -\n \u003chttp://www.kb.cert.org/vuls/id/756122\u003e\n\n * US-CERT Vulnerability Note VU#222050 -\n \u003chttp://www.kb.cert.org/vuls/id/222050\u003e\n\n * US-CERT Vulnerability Note VU#275193 -\n \u003chttp://www.kb.cert.org/vuls/id/275193\u003e\n\n * US-CERT Vulnerability Note VU#633446 -\n \u003chttp://www.kb.cert.org/vuls/id/633446\u003e\n\n * US-CERT Vulnerability Note VU#233754 -\n \u003chttp://www.kb.cert.org/vuls/id/233754\u003e\n _________________________________________________________________\n\n Feedback can be directed to the authors: Will Dormann, Jeff Gennari,\n Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff\n Havrilla. \n _________________________________________________________________\n\n This document is available from: \n \n \u003chttp://www.us-cert.gov/cas/techalerts/TA05-102A.html\u003e \n \n _________________________________________________________________\n\n Copyright 2005 Carnegie Mellon University. \n \n Terms of use: \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\n Revision History\n\n April 12, 2005: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQlxwexhoSezw4YfQAQJ4RAf/bTgaa6SBDMJveqW/GnQET79F9aVPM1S2\nglam1w4YFyOdyIHpDYqQZRBqgXgpJjel/MiH02tZreU5mgIjkPIWA3gleepyWvnN\n7VYv8KcbSnyvGxDl/8K2YjFz550gxA3pkRD7IiqdpOums87lJ7xM7sjdUY0ZA8aF\nJEvA4gfndpgLSuISV7Gf8y1s4MU329DurNy3t8W4EB9Iuef/E4Z058IvHnz9dTnT\nXwBnyW1KfH2Ohpy7QBOtcXt1wXU8X0F+d01g/VZmTL7xVwXmcPi8UpS7bPK8A17+\nasqo582KjZVR56iL7fqNQzsrXUGZncEnX/8QOhi3Ym2LfAEkKrg3rw==\n=BY/p\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
}
],
"trust": 6.66
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20812",
"trust": 0.5,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-16",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-0016",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "14512",
"trust": 1.7
},
{
"db": "BID",
"id": "2666",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#774338",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#756122",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#222050",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#633446",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#233754",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "14920",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA05-102A",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#275193",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "14578",
"trust": 0.8
},
{
"db": "XF",
"id": "19593",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#396645",
"trust": 0.8
},
{
"db": "BID",
"id": "13116",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1013686",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "15467",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002",
"trust": 0.7
},
{
"db": "HP",
"id": "HPSBUX9801-076",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20812",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "20810",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "20814",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "20813",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "20811",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-16",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-1999-0016",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36523",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37198",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"id": "VAR-199712-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16"
}
],
"trust": 0.46792661
},
"last_update_date": "2025-04-03T20:40:45.079000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-1999-0016-Land-DOS-tool",
"trust": 0.1,
"url": "https://github.com/pexmee/CVE-1999-0016-Land-DOS-tool "
},
{
"title": "opensims",
"trust": 0.1,
"url": "https://github.com/ascendantlogic/opensims "
},
{
"title": "CVE-1999-0016-POC",
"trust": 0.1,
"url": "https://github.com/Pommaq/CVE-1999-0016-POC "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-1999-0016"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 1.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux9801-076"
},
{
"trust": 1.6,
"url": "about vulnerability notes"
},
{
"trust": 1.6,
"url": "contact us about this vulnerability"
},
{
"trust": 1.6,
"url": "provide a vendor statement"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20170815-0001/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/14512/"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/alerts/id/193"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/14920/"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-020.mspx"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=228\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/security/bulletins/200504_msnmessenger.mspx"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-022.mspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/889829"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/896597"
},
{
"trust": 0.8,
"url": "http://messenger.msn.com"
},
{
"trust": 0.8,
"url": "http://www.w3.org/graphics/gif/spec-gif89a.txt"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/14512"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2666 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/19593"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=14578"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/192"
},
{
"trust": 0.8,
"url": "http://www.iana.org/assignments/ip-parameters"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13116/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/apr/1013686.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=15467"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q165/0/05.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q177/5/39.asp"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/archive/1/392354"
},
{
"trust": 0.3,
"url": "/archive/1/392642"
},
{
"trust": 0.3,
"url": "/archive/1/393045"
},
{
"trust": 0.3,
"url": "/archive/1/392354"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/pexmee/cve-1999-0016-land-dos-tool"
},
{
"trust": 0.1,
"url": "https://github.com/ascendantlogic/opensims"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20812/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=8889"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1173/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/22/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1174/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1175/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?f=l"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=35bce74a-e84a-4035-bf18-196368f032cc"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=2a2af17e-2e4a-4479-8ac9-b5544ea0bd66"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/41/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=97f409eb-c8d0-4c94-a67b-5945e26c9267"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1828/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/633446\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/222050\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/233754\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/275193\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/774338\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/756122\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#774338"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#756122"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#222050"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#633446"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#233754"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#275193"
},
{
"date": "1997-12-01T00:00:00",
"db": "VULHUB",
"id": "VHN-16"
},
{
"date": "1997-12-01T00:00:00",
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"date": "1997-11-20T00:00:00",
"db": "BID",
"id": "2666"
},
{
"date": "2005-03-15T04:45:15",
"db": "PACKETSTORM",
"id": "36523"
},
{
"date": "2005-04-18T07:20:47",
"db": "PACKETSTORM",
"id": "37141"
},
{
"date": "2005-04-19T06:59:49",
"db": "PACKETSTORM",
"id": "37198"
},
{
"date": "1997-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"date": "1997-12-01T05:00:00",
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-18T00:00:00",
"db": "CERT/CC",
"id": "VU#774338"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#756122"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#222050"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#633446"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645"
},
{
"date": "2005-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#233754"
},
{
"date": "2005-08-02T00:00:00",
"db": "CERT/CC",
"id": "VU#275193"
},
{
"date": "2008-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-16"
},
{
"date": "2008-09-09T00:00:00",
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"date": "2009-07-11T06:06:00",
"db": "BID",
"id": "2666"
},
{
"date": "2006-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-002"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer DHTML objects contain a race condition",
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
],
"trust": 0.6
}
}
VAR-200311-0091
Vulnerability from variot - Updated: 2022-05-29 21:30Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL of ASN.1 (Abstract Syntax Notation number One) Structure (ASN1_TYPE) In the interpretation part of, there is a flaw in the process of releasing the memory allocated for the structure, and there is a vulnerability that destroys the values in the stack.OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates.
Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite.
Vulnerabilities
-
Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6.
-
Exploitation of an affected application would result in a denial of service vulnerability.
-
This by itself is not strictly speaking a vulnerability but it does mean that all SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
Who is affected?
All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected.
Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
References
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
and CAN-2003-0543 and CAN-2003-0544 for issue 2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200311-0091",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tawie server linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2s"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux apache-based web server",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "gsx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.15336"
},
{
"model": "esx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.05257"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.30"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.200"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.11"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.01"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1x86"
},
{
"model": "one directory server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.1"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat high availability",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.1"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for gauntlet",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.8.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.6.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.8"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.7"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1"
},
{
"model": "communications security ssh sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"model": "gpl",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "1.0"
},
{
"model": "express beta",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.3"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "nsure audit",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netmail e",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.1"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0.2"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.5"
},
{
"model": "ichain server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "groupwise webaccess sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "groupwise internet agent",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.1"
},
{
"model": "groupwise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "edirectory su1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.6.2"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.27"
},
{
"model": "edirectory a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.12"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.0"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "8.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "rational rose",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2000"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "hp-ux aaa server a.06.01.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "wbem services for hp-ux a.01.05.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "isman",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "firepass",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.3"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.1"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.3"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.0.1"
},
{
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.4"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "threat response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "firewall server",
"scope": "eq",
"trust": 0.3,
"vendor": "borderware",
"version": "7.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.40"
},
{
"model": "solaris 8 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one web server sp7",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp14",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 upgrade standard",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 upgrade platform",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "communications security ssh2",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9"
},
{
"model": "communications security ssh sentinel",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4.1"
},
{
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.3"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.2"
},
{
"model": "netmail f",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "imanager",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.5"
},
{
"model": "edirectory su1",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "hp-ux aaa server a.06.01.02.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "wbem services for hp-ux a.01.05.07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0545",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0545",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0545",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0545",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#104280",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#732952",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#686224",
"trust": 0.8,
"value": "1.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935264",
"trust": 0.8,
"value": "21.52"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#380864",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#255484",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200311-033",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. Multiple vulnerabilities exist in different vendors\u0027 SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL of ASN.1 (Abstract Syntax Notation number One) Structure (ASN1_TYPE) In the interpretation part of, there is a flaw in the process of releasing the memory allocated for the structure, and there is a vulnerability that destroys the values in the stack.OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\n\nOpenSSL Security Advisory [30 September 2003]\n\nVulnerabilities in ASN.1 parsing\n================================\n\nNISCC (www.niscc.gov.uk) prepared a test suite to check the operation\nof SSL/TLS software when presented with a wide range of malformed client\ncertificates. \n\nDr Stephen Henson (steve@openssl.org) of the OpenSSL core team\nidentified and prepared fixes for a number of vulnerabilities in the\nOpenSSL ASN1 code when running the test suite. \n\nVulnerabilities\n- ---------------\n\n1. Certain ASN.1 encodings that are rejected as invalid by the parser\ncan trigger a bug in the deallocation of the corresponding data\nstructure, corrupting the stack. This can be used as a denial of service\nattack. It is currently unknown whether this can be exploited to run\nmalicious code. This issue does not affect OpenSSL 0.9.6. \n\n2. \n\n3. Exploitation of an affected\napplication would result in a denial of service vulnerability. \n\n4. This by\nitself is not strictly speaking a vulnerability but it does mean that\n*all* SSL/TLS servers that use OpenSSL can be attacked using\nvulnerabilities 1, 2 and 3 even if they don\u0027t enable client authentication. \n\nWho is affected?\n- ----------------\n\nAll versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all\nversions of SSLeay are affected. \n\nAny application that makes use of OpenSSL\u0027s ASN1 library to parse\nuntrusted data. This includes all SSL or TLS applications, those using\nS/MIME (PKCS#7) or certificate generation routines. \n\nRecommendations\n- ---------------\n\nUpgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications\nstatically linked to OpenSSL libraries. \n\nReferences\n- ----------\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0545 for issue 1:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545\n\nand CAN-2003-0543 and CAN-2003-0544 for issue 2:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20030930.txt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q\nx4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS\n3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un\nxjGKYbcITrM=\n=fFTe\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0545"
},
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "PACKETSTORM",
"id": "31738"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2003-0545",
"trust": 2.8
},
{
"db": "BID",
"id": "8732",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3900",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22249",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 1.1
},
{
"db": "XF",
"id": "13315",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2003-26",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2590",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:292",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-394",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"id": "VAR-200311-0091",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T21:30:21.532000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-290"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284"
},
{
"title": "HPSBUX00288",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-290.html"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html"
},
{
"title": "openssl",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssl.html"
},
{
"title": "secadv_20030930",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://support.oracle.co.jp/open/owa/external_krown.search_doc?c_document_id=70482"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-292.html"
},
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 4.5,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm"
},
{
"trust": 4.0,
"url": "http://wp.netscape.com/eng/ssl3/"
},
{
"trust": 4.0,
"url": "http://www.itu.int/itu-t/studygroups/com10/languages/"
},
{
"trust": 3.9,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"trust": 3.2,
"url": "http://www.ietf.org/html.charters/pkix-charter.html"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/8732"
},
{
"trust": 1.9,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247112"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-292.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-394"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22249"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3900"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2590"
},
{
"trust": 0.9,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/tls.htm"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs/"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-159.shtml"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-065.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0545"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20031104-00753.xml"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13315"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-26"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-26"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0545"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00753.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20031001_103420.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3900"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2590"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/esx/esx2-openssh.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/products/firewall.php"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/gsx_security.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm"
},
{
"trust": 0.3,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm"
},
{
"trust": 0.3,
"url": "http://cirt.dk/advisories/cirt-32-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.cirt.dk/advisories/cirt-31-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3040.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.org/home/news/item/20031001.01.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-331.php"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security-alerts/"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3041.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/476/"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/477/"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.tarantella.com/security/bulletin-08.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.3,
"url": "/archive/1/343055"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0544"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2003-09-30T00:00:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"date": "2003-09-30T16:10:22",
"db": "PACKETSTORM",
"id": "31738"
},
{
"date": "2003-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"date": "2003-11-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2016-07-06T14:32:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"date": "2018-05-03T01:29:00",
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SSL/TLS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
}
],
"trust": 0.6
}
}
VAR-200311-0090
Vulnerability from variot - Updated: 2022-05-29 19:39OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Crafted by a third party ASN.1 The client certificate containing the object OpenSSL By passing it to the application that uses (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates.
Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite.
Vulnerabilities
-
Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6.
-
Exploitation of an affected application would result in a denial of service vulnerability.
-
This by itself is not strictly speaking a vulnerability but it does mean that all SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
Who is affected?
All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected.
Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
References
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
and CAN-2003-0543 and CAN-2003-0544 for issue 2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200311-0090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tawie server linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.1s"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 platform edition update 2"
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 standard edition update 2"
},
{
"model": "java system directory server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "4.1 sp13"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.0 sp6"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.1"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux apache-based web server",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "gsx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.15336"
},
{
"model": "esx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.05257"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.30"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.200"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.11"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.01"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1x86"
},
{
"model": "one directory server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.1"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat high availability",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.1"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for gauntlet",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.8.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.6.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.8"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.7"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1"
},
{
"model": "communications security ssh sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"model": "gpl",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "1.0"
},
{
"model": "express beta",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.3"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "nsure audit",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netmail e",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.1"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0.2"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.5"
},
{
"model": "ichain server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "groupwise webaccess sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "groupwise internet agent",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.1"
},
{
"model": "groupwise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "edirectory su1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.6.2"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.27"
},
{
"model": "edirectory a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.12"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.0"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "8.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "rational rose",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2000"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "hp-ux aaa server a.06.01.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "wbem services for hp-ux a.01.05.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "isman",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "firepass",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.3"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.1"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.3"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.0.1"
},
{
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.4"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "threat response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "firewall server",
"scope": "eq",
"trust": 0.3,
"vendor": "borderware",
"version": "7.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.40"
},
{
"model": "solaris 8 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one web server sp7",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp14",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 upgrade standard",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 upgrade platform",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "communications security ssh2",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9"
},
{
"model": "communications security ssh sentinel",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4.1"
},
{
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.3"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.2"
},
{
"model": "netmail f",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "imanager",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.5"
},
{
"model": "edirectory su1",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "hp-ux aaa server a.06.01.02.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "wbem services for hp-ux a.01.05.07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0544",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0544",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0544",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#104280",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#732952",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#686224",
"trust": 0.8,
"value": "1.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935264",
"trust": 0.8,
"value": "21.52"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#380864",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#255484",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200311-040",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. Multiple vulnerabilities exist in different vendors\u0027 SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Crafted by a third party ASN.1 The client certificate containing the object OpenSSL By passing it to the application that uses (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\n\nOpenSSL Security Advisory [30 September 2003]\n\nVulnerabilities in ASN.1 parsing\n================================\n\nNISCC (www.niscc.gov.uk) prepared a test suite to check the operation\nof SSL/TLS software when presented with a wide range of malformed client\ncertificates. \n\nDr Stephen Henson (steve@openssl.org) of the OpenSSL core team\nidentified and prepared fixes for a number of vulnerabilities in the\nOpenSSL ASN1 code when running the test suite. \n\nVulnerabilities\n- ---------------\n\n1. Certain ASN.1 encodings that are rejected as invalid by the parser\ncan trigger a bug in the deallocation of the corresponding data\nstructure, corrupting the stack. This can be used as a denial of service\nattack. It is currently unknown whether this can be exploited to run\nmalicious code. This issue does not affect OpenSSL 0.9.6. \n\n2. \n\n3. Exploitation of an affected\napplication would result in a denial of service vulnerability. \n\n4. This by\nitself is not strictly speaking a vulnerability but it does mean that\n*all* SSL/TLS servers that use OpenSSL can be attacked using\nvulnerabilities 1, 2 and 3 even if they don\u0027t enable client authentication. \n\nWho is affected?\n- ----------------\n\nAll versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all\nversions of SSLeay are affected. \n\nAny application that makes use of OpenSSL\u0027s ASN1 library to parse\nuntrusted data. This includes all SSL or TLS applications, those using\nS/MIME (PKCS#7) or certificate generation routines. \n\nRecommendations\n- ---------------\n\nUpgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications\nstatically linked to OpenSSL libraries. \n\nReferences\n- ----------\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0545 for issue 1:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545\n\nand CAN-2003-0543 and CAN-2003-0544 for issue 2:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20030930.txt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q\nx4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS\n3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un\nxjGKYbcITrM=\n=fFTe\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0544"
},
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "PACKETSTORM",
"id": "31738"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2003-0544",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 1.9
},
{
"db": "BID",
"id": "8732",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3900",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22249",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 1.1
},
{
"db": "XF",
"id": "13316",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2003-26",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:291",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:292",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "201029",
"trust": 0.6
},
{
"db": "ENGARDE",
"id": "ESA-20030930-027",
"trust": 0.6
},
{
"db": "XF",
"id": "1",
"trust": 0.6
},
{
"db": "XF",
"id": "43041",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-394",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-393",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4574",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"id": "VAR-200311-0090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T19:39:34.176000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"title": "HPSBUX00288",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00901847"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html"
},
{
"title": "openssl",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssl.html"
},
{
"title": "secadv_20030930",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-292.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-291.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-1"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-1"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-3"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-3"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-3"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-3"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-55.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/031210_62/top.html"
},
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-291j.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-293j.html"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-55j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.1,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm"
},
{
"trust": 4.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 4.0,
"url": "http://wp.netscape.com/eng/ssl3/"
},
{
"trust": 4.0,
"url": "http://www.itu.int/itu-t/studygroups/com10/languages/"
},
{
"trust": 3.9,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"trust": 3.2,
"url": "http://www.ietf.org/html.charters/pkix-charter.html"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 1.9,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247112"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-292.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-291.html"
},
{
"trust": 1.6,
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-394"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-393"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1"
},
{
"trust": 1.6,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/8732"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22249"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3900"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43041"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4574"
},
{
"trust": 0.9,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/tls.htm"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs/"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-159.shtml"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-065.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0544"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/advisories/default.aspx?id=br-20031104-00633.xml"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13316"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-26"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-26"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0544"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00748.pdf"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20031001_103420.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/43041"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3900"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4574"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/esx/esx2-openssh.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/products/firewall.php"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/gsx_security.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm"
},
{
"trust": 0.3,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm"
},
{
"trust": 0.3,
"url": "http://cirt.dk/advisories/cirt-32-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.cirt.dk/advisories/cirt-31-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3040.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.org/home/news/item/20031001.01.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-331.php"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security-alerts/"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3041.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/476/"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/477/"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.tarantella.com/security/bulletin-08.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.3,
"url": "/archive/1/343055"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0544"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2003-09-30T00:00:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"date": "2003-09-30T16:10:22",
"db": "PACKETSTORM",
"id": "31738"
},
{
"date": "2003-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"date": "2003-11-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2016-07-06T14:32:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"date": "2010-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"date": "2018-05-03T01:29:00",
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SSL/TLS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "8732"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
}
],
"trust": 0.9
}
}
VAR-200311-0089
Vulnerability from variot - Updated: 2022-05-29 19:17Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. OpenSSL 0.9.6j/0.9.7b Before ASN.1 An integer overflow vulnerability exists due to insufficient bounds checking on the value of the object's tag field. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Third party crafted ASN.1 The client certificate containing the object SSL/TSL Etc. OpenSSL By passing it through an application implemented using OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates.
Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite.
Vulnerabilities
-
Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6.
-
Exploitation of an affected application would result in a denial of service vulnerability.
-
This by itself is not strictly speaking a vulnerability but it does mean that all SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
Who is affected?
All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected.
Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
References
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
and CAN-2003-0543 and CAN-2003-0544 for issue 2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200311-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tawie server linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2s"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 platform edition update 2"
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 standard edition update 2"
},
{
"model": "java system directory server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "4.1 sp13"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.0 sp6"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.1"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux apache-based web server",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "gsx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.15336"
},
{
"model": "esx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.05257"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.30"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.200"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.11"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.01"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1x86"
},
{
"model": "one directory server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.1"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat high availability",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.1"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for gauntlet",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.8.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.6.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.8"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.7"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1"
},
{
"model": "communications security ssh sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"model": "gpl",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "1.0"
},
{
"model": "express beta",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.3"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "nsure audit",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netmail e",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.1"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0.2"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.5"
},
{
"model": "ichain server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "groupwise webaccess sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "groupwise internet agent",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.1"
},
{
"model": "groupwise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "edirectory su1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.6.2"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.27"
},
{
"model": "edirectory a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.12"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.0"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "8.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "rational rose",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2000"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "hp-ux aaa server a.06.01.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "wbem services for hp-ux a.01.05.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "isman",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "firepass",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.3"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.1"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.3"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.0.1"
},
{
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.4"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "threat response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "firewall server",
"scope": "eq",
"trust": 0.3,
"vendor": "borderware",
"version": "7.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.40"
},
{
"model": "solaris 8 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one web server sp7",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp14",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 upgrade standard",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 upgrade platform",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "communications security ssh2",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9"
},
{
"model": "communications security ssh sentinel",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4.1"
},
{
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.3"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.2"
},
{
"model": "netmail f",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "imanager",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.5"
},
{
"model": "edirectory su1",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "hp-ux aaa server a.06.01.02.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "wbem services for hp-ux a.01.05.07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0543",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0543",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0543",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#104280",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#732952",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#686224",
"trust": 0.8,
"value": "1.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935264",
"trust": 0.8,
"value": "21.52"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#380864",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#255484",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200311-070",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. Multiple vulnerabilities exist in different vendors\u0027 SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. OpenSSL 0.9.6j/0.9.7b Before ASN.1 An integer overflow vulnerability exists due to insufficient bounds checking on the value of the object\u0027s tag field. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Third party crafted ASN.1 The client certificate containing the object SSL/TSL Etc. OpenSSL By passing it through an application implemented using OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\n\nOpenSSL Security Advisory [30 September 2003]\n\nVulnerabilities in ASN.1 parsing\n================================\n\nNISCC (www.niscc.gov.uk) prepared a test suite to check the operation\nof SSL/TLS software when presented with a wide range of malformed client\ncertificates. \n\nDr Stephen Henson (steve@openssl.org) of the OpenSSL core team\nidentified and prepared fixes for a number of vulnerabilities in the\nOpenSSL ASN1 code when running the test suite. \n\nVulnerabilities\n- ---------------\n\n1. Certain ASN.1 encodings that are rejected as invalid by the parser\ncan trigger a bug in the deallocation of the corresponding data\nstructure, corrupting the stack. This can be used as a denial of service\nattack. It is currently unknown whether this can be exploited to run\nmalicious code. This issue does not affect OpenSSL 0.9.6. \n\n2. \n\n3. Exploitation of an affected\napplication would result in a denial of service vulnerability. \n\n4. This by\nitself is not strictly speaking a vulnerability but it does mean that\n*all* SSL/TLS servers that use OpenSSL can be attacked using\nvulnerabilities 1, 2 and 3 even if they don\u0027t enable client authentication. \n\nWho is affected?\n- ----------------\n\nAll versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all\nversions of SSLeay are affected. \n\nAny application that makes use of OpenSSL\u0027s ASN1 library to parse\nuntrusted data. This includes all SSL or TLS applications, those using\nS/MIME (PKCS#7) or certificate generation routines. \n\nRecommendations\n- ---------------\n\nUpgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications\nstatically linked to OpenSSL libraries. \n\nReferences\n- ----------\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0545 for issue 1:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545\n\nand CAN-2003-0543 and CAN-2003-0544 for issue 2:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20030930.txt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q\nx4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS\n3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un\nxjGKYbcITrM=\n=fFTe\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0543"
},
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "PACKETSTORM",
"id": "31738"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2003-0543",
"trust": 2.8
},
{
"db": "BID",
"id": "8732",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3900",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22249",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 1.1
},
{
"db": "XF",
"id": "13316",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2003-26",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:291",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:292",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "201029",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4254",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5292",
"trust": 0.6
},
{
"db": "ENGARDE",
"id": "ESA-20030930-027",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-394",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-393",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"id": "VAR-200311-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T19:17:04.347000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"title": "HPSBUX00288",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00901847"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284"
},
{
"title": "HPSBUX0310-290",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-290.html"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html"
},
{
"title": "openssl",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssl.html"
},
{
"title": "secadv_20030930",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-292.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-291.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-1"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-1"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-3"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-3"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-3"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-3"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-55.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/031210_62/top.html"
},
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-291j.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-293j.html"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-55j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.1,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm"
},
{
"trust": 4.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 4.0,
"url": "http://wp.netscape.com/eng/ssl3/"
},
{
"trust": 4.0,
"url": "http://www.itu.int/itu-t/studygroups/com10/languages/"
},
{
"trust": 3.9,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"trust": 3.2,
"url": "http://www.ietf.org/html.charters/pkix-charter.html"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/8732"
},
{
"trust": 1.9,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247112"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-291.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-292.html"
},
{
"trust": 1.6,
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-394"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-393"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1"
},
{
"trust": 1.6,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22249"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3900"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5292"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4254"
},
{
"trust": 0.9,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/tls.htm"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs/"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-159.shtml"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-065.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0543"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20031104-00753.xml"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/advisories/default.aspx?id=br-20031104-00633.xml"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13316"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-26"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-26"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0543"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00748.pdf"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00753.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20031001_103420.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5292"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3900"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4254"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/esx/esx2-openssh.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/products/firewall.php"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/gsx_security.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm"
},
{
"trust": 0.3,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm"
},
{
"trust": 0.3,
"url": "http://cirt.dk/advisories/cirt-32-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.cirt.dk/advisories/cirt-31-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3040.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.org/home/news/item/20031001.01.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-331.php"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security-alerts/"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3041.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/476/"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/477/"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.tarantella.com/security/bulletin-08.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.3,
"url": "/archive/1/343055"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0544"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2003-09-30T00:00:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"date": "2003-09-30T16:10:22",
"db": "PACKETSTORM",
"id": "31738"
},
{
"date": "2003-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"date": "2003-11-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2016-07-06T14:32:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"date": "2010-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"date": "2018-05-03T01:29:00",
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SSL/TLS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "8732"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
}
],
"trust": 0.9
}
}
VAR-200310-0017
Vulnerability from variot - Updated: 2022-05-04 09:14Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. Novell has reported that the PMAP.NLM component of NetWare/ZenWorks is prone to a buffer overrun vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0017",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zenworks desktops",
"scope": "eq",
"trust": 1.6,
"vendor": "novell",
"version": "4.0"
},
{
"model": "zenworks desktops",
"scope": "eq",
"trust": 1.6,
"vendor": "novell",
"version": "3.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 1.6,
"vendor": "novell",
"version": "6.0"
},
{
"model": "zenworks desktops",
"scope": "eq",
"trust": 1.6,
"vendor": "novell",
"version": "4.0.1"
},
{
"model": "zenworks for desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0.1"
},
{
"model": "zenworks for desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "zenworks for desktops sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.2"
},
{
"model": "netware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "8907"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:novell:zenworks_desktops:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:novell:zenworks_desktops:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:novell:zenworks_desktops:3.2:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:novell:netware:6.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Novell",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
}
],
"trust": 0.6
},
"cve": "CVE-2003-1150",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2003-1150",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-1150",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-076",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. Novell has reported that the PMAP.NLM component of NetWare/ZenWorks is prone to a buffer overrun vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1150"
},
{
"db": "BID",
"id": "8907"
}
],
"trust": 1.17
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "8907",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "10100",
"trust": 1.6
},
{
"db": "NVD",
"id": "CVE-2003-1150",
"trust": 1.6
},
{
"db": "XF",
"id": "13564",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200310-076",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "8907"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"id": "VAR-200310-0017",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.18333334
},
"last_update_date": "2022-05-04T09:14:51.445000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/8907"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/10100"
},
{
"trust": 1.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10088194.htm"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13564"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/13564"
}
],
"sources": [
{
"db": "BID",
"id": "8907"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "8907"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-10-27T00:00:00",
"db": "BID",
"id": "8907"
},
{
"date": "2003-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"date": "2003-10-27T05:00:00",
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-10-27T00:00:00",
"db": "BID",
"id": "8907"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-076"
},
{
"date": "2017-07-11T01:29:00",
"db": "NVD",
"id": "CVE-2003-1150"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Novell PMAP.NLM Remote buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8907"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-076"
}
],
"trust": 0.9
}
}
CVE-2011-4191 (GCVE-0-2011-4191)
Vulnerability from nvd – Published: 2011-11-30 02:00 – Updated: 2024-09-17 03:53
VLAI?
Summary
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:51.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=671020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-11-30T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=671020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=671020",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=671020"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=702491",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702491"
},
{
"name": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4191",
"datePublished": "2011-11-30T02:00:00.000Z",
"dateReserved": "2011-10-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:53:41.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4228 (GCVE-0-2010-4228)
Vulnerability from nvd – Published: 2011-03-22 17:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2011-03-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25"
},
{
"name": "43824",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43824"
},
{
"name": "8149",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=641249"
},
{
"name": "46922",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46922"
},
{
"name": "netware-dele-bo(66170)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25"
},
{
"name": "43824",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43824"
},
{
"name": "8149",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=641249"
},
{
"name": "46922",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46922"
},
{
"name": "netware-dele-bo(66170)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25"
},
{
"name": "43824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43824"
},
{
"name": "8149",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8149"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=641249",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=641249"
},
{
"name": "46922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46922"
},
{
"name": "netware-dele-bo(66170)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66170"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4228",
"datePublished": "2011-03-22T17:00:00.000Z",
"dateReserved": "2010-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4227 (GCVE-0-2010-4227)
Vulnerability from nvd – Published: 2011-02-25 18:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Date Public ?
2011-02-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netware-xdrdecodestring-code-exec(65625)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65625"
},
{
"name": "46535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46535"
},
{
"name": "ADV-2011-0497",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24"
},
{
"name": "8104",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8104"
},
{
"name": "43431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43431"
},
{
"name": "16234",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/16234"
},
{
"name": "1025119",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025119"
},
{
"name": "20110223 ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516645/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netware-xdrdecodestring-code-exec(65625)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65625"
},
{
"name": "46535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46535"
},
{
"name": "ADV-2011-0497",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24"
},
{
"name": "8104",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8104"
},
{
"name": "43431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43431"
},
{
"name": "16234",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/16234"
},
{
"name": "1025119",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025119"
},
{
"name": "20110223 ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516645/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netware-xdrdecodestring-code-exec(65625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65625"
},
{
"name": "46535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46535"
},
{
"name": "ADV-2011-0497",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0497"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-090",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-090"
},
{
"name": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~"
},
{
"name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24"
},
{
"name": "8104",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8104"
},
{
"name": "43431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43431"
},
{
"name": "16234",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/16234"
},
{
"name": "1025119",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025119"
},
{
"name": "20110223 ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516645/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4227",
"datePublished": "2011-02-25T18:00:00.000Z",
"dateReserved": "2010-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2351 (GCVE-0-2010-2351)
Vulnerability from nvd – Published: 2010-06-21 19:00 – Updated: 2024-08-07 02:32
VLAI?
Summary
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2010-06-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow"
},
{
"name": "netware-cifsnlm-bo(59501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59501"
},
{
"name": "40199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40199"
},
{
"name": "40908",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40908"
},
{
"name": "ADV-2010-1514",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1514"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~"
},
{
"name": "13906",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/13906"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow"
},
{
"name": "netware-cifsnlm-bo(59501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59501"
},
{
"name": "40199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40199"
},
{
"name": "40908",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40908"
},
{
"name": "ADV-2010-1514",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1514"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~"
},
{
"name": "13906",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/13906"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow",
"refsource": "MISC",
"url": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow"
},
{
"name": "netware-cifsnlm-bo(59501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59501"
},
{
"name": "40199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40199"
},
{
"name": "40908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40908"
},
{
"name": "ADV-2010-1514",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1514"
},
{
"name": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~"
},
{
"name": "13906",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13906"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2351",
"datePublished": "2010-06-21T19:00:00.000Z",
"dateReserved": "2010-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:32:16.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0625 (GCVE-0-2010-0625)
Vulnerability from nvd – Published: 2010-04-05 16:00 – Updated: 2024-08-07 00:52
VLAI?
Summary
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2010-03-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "ADV-2010-0742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"name": "20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"name": "39151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39151"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"name": "20100329 {PRL} Novell Netware FTP Remote Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"name": "39041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39041"
},
{
"name": "1023768",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "ADV-2010-0742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"name": "20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"name": "39151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39151"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"name": "20100329 {PRL} Novell Netware FTP Remote Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"name": "39041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39041"
},
{
"name": "1023768",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "ADV-2010-0742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"name": "20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"name": "39151",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39151"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-062",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=569496",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"name": "20100329 {PRL} Novell Netware FTP Remote Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"name": "39041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39041"
},
{
"name": "1023768",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0625",
"datePublished": "2010-04-05T16:00:00.000Z",
"dateReserved": "2010-02-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:52:19.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6735 (GCVE-0-2007-6735)
Vulnerability from nvd – Published: 2010-04-05 15:15 – Updated: 2024-09-16 20:11
VLAI?
Summary
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=260459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-05T15:15:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=260459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6735",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=260459",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=260459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6735",
"datePublished": "2010-04-05T15:15:00.000Z",
"dateReserved": "2010-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:11:26.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6734 (GCVE-0-2007-6734)
Vulnerability from nvd – Published: 2010-04-05 15:15 – Updated: 2024-09-16 20:17
VLAI?
Summary
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=272093"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-05T15:15:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=272093"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=272093",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=272093"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6734",
"datePublished": "2010-04-05T15:15:00.000Z",
"dateReserved": "2010-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:17:18.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4888 (GCVE-0-2005-4888)
Vulnerability from nvd – Published: 2010-04-05 15:15 – Updated: 2024-09-17 02:07
VLAI?
Summary
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=97819"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-05T15:15:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=97819"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=97819",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=97819"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4888",
"datePublished": "2010-04-05T15:15:00.000Z",
"dateReserved": "2010-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:07:16.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4887 (GCVE-0-2005-4887)
Vulnerability from nvd – Published: 2010-04-05 15:15 – Updated: 2024-09-16 16:43
VLAI?
Summary
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=133977"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-05T15:15:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=133977"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=133977",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=133977"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4887",
"datePublished": "2010-04-05T15:15:00.000Z",
"dateReserved": "2010-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:43:38.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2767 (GCVE-0-2004-2767)
Vulnerability from nvd – Published: 2010-04-05 15:15 – Updated: 2024-09-16 22:14
VLAI?
Summary
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-05T15:15:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2767",
"datePublished": "2010-04-05T15:15:00.000Z",
"dateReserved": "2010-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:14:56.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1596 (GCVE-0-2003-1596)
Vulnerability from nvd – Published: 2010-04-05 15:15 – Updated: 2024-09-16 19:51
VLAI?
Summary
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-05T15:15:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1596",
"datePublished": "2010-04-05T15:15:00.000Z",
"dateReserved": "2010-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:51:36.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4191 (GCVE-0-2011-4191)
Vulnerability from cvelistv5 – Published: 2011-11-30 02:00 – Updated: 2024-09-17 03:53
VLAI?
Summary
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:51.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=671020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-11-30T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=671020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=671020",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=671020"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=702491",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702491"
},
{
"name": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Cfw1tDezgbw~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4191",
"datePublished": "2011-11-30T02:00:00.000Z",
"dateReserved": "2011-10-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:53:41.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4228 (GCVE-0-2010-4228)
Vulnerability from cvelistv5 – Published: 2011-03-22 17:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2011-03-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25"
},
{
"name": "43824",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43824"
},
{
"name": "8149",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=641249"
},
{
"name": "46922",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46922"
},
{
"name": "netware-dele-bo(66170)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25"
},
{
"name": "43824",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43824"
},
{
"name": "8149",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=641249"
},
{
"name": "46922",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46922"
},
{
"name": "netware-dele-bo(66170)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=25\u0026Itemid=25"
},
{
"name": "43824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43824"
},
{
"name": "8149",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8149"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=641249",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=641249"
},
{
"name": "46922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46922"
},
{
"name": "netware-dele-bo(66170)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66170"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-106/"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4228",
"datePublished": "2011-03-22T17:00:00.000Z",
"dateReserved": "2010-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4227 (GCVE-0-2010-4227)
Vulnerability from cvelistv5 – Published: 2011-02-25 18:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Date Public ?
2011-02-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netware-xdrdecodestring-code-exec(65625)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65625"
},
{
"name": "46535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46535"
},
{
"name": "ADV-2011-0497",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24"
},
{
"name": "8104",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8104"
},
{
"name": "43431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43431"
},
{
"name": "16234",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/16234"
},
{
"name": "1025119",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025119"
},
{
"name": "20110223 ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516645/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netware-xdrdecodestring-code-exec(65625)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65625"
},
{
"name": "46535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46535"
},
{
"name": "ADV-2011-0497",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24"
},
{
"name": "8104",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8104"
},
{
"name": "43431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43431"
},
{
"name": "16234",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/16234"
},
{
"name": "1025119",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025119"
},
{
"name": "20110223 ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516645/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netware-xdrdecodestring-code-exec(65625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65625"
},
{
"name": "46535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46535"
},
{
"name": "ADV-2011-0497",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0497"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-090",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-090"
},
{
"name": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=1z3z-OsVCiE~"
},
{
"name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=24\u0026Itemid=24"
},
{
"name": "8104",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8104"
},
{
"name": "43431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43431"
},
{
"name": "16234",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/16234"
},
{
"name": "1025119",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025119"
},
{
"name": "20110223 ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516645/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4227",
"datePublished": "2011-02-25T18:00:00.000Z",
"dateReserved": "2010-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2351 (GCVE-0-2010-2351)
Vulnerability from cvelistv5 – Published: 2010-06-21 19:00 – Updated: 2024-08-07 02:32
VLAI?
Summary
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2010-06-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow"
},
{
"name": "netware-cifsnlm-bo(59501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59501"
},
{
"name": "40199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40199"
},
{
"name": "40908",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40908"
},
{
"name": "ADV-2010-1514",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1514"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~"
},
{
"name": "13906",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/13906"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow"
},
{
"name": "netware-cifsnlm-bo(59501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59501"
},
{
"name": "40199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40199"
},
{
"name": "40908",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40908"
},
{
"name": "ADV-2010-1514",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1514"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~"
},
{
"name": "13906",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/13906"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow",
"refsource": "MISC",
"url": "http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow"
},
{
"name": "netware-cifsnlm-bo(59501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59501"
},
{
"name": "40199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40199"
},
{
"name": "40908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40908"
},
{
"name": "ADV-2010-1514",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1514"
},
{
"name": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=tMWCI1cdI7s~"
},
{
"name": "13906",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13906"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2351",
"datePublished": "2010-06-21T19:00:00.000Z",
"dateReserved": "2010-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:32:16.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0625 (GCVE-0-2010-0625)
Vulnerability from cvelistv5 – Published: 2010-04-05 16:00 – Updated: 2024-08-07 00:52
VLAI?
Summary
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2010-03-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "ADV-2010-0742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"name": "20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"name": "39151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39151"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"name": "20100329 {PRL} Novell Netware FTP Remote Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"name": "39041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39041"
},
{
"name": "1023768",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "ADV-2010-0742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"name": "20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"name": "39151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39151"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"name": "20100329 {PRL} Novell Netware FTP Remote Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"name": "39041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39041"
},
{
"name": "1023768",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3238588\u0026sliceId=1"
},
{
"name": "ADV-2010-0742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0742"
},
{
"name": "20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510557/100/0/threaded"
},
{
"name": "39151",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39151"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-062",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-062"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=569496",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=569496"
},
{
"name": "20100329 {PRL} Novell Netware FTP Remote Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510353/100/0/threaded"
},
{
"name": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content\u0026view=article\u0026id=12\u0026Itemid=12"
},
{
"name": "39041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39041"
},
{
"name": "1023768",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0625",
"datePublished": "2010-04-05T16:00:00.000Z",
"dateReserved": "2010-02-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:52:19.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}