Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
540 vulnerabilities found for workstation by vmware
VAR-201006-0260
Vulnerability from variot - Updated: 2026-03-09 23:25Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.
Background
libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.4.3 >= 1.4.3
Description
Multiple vulnerabilities were found in libpng:
-
The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)
-
A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)
-
A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
References
[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201010-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.44-1
We recommend that you upgrade your libpng package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.
b. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later
Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later
Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-960-1 July 08, 2010 libpng vulnerabilities CVE-2010-1205, CVE-2010-2249 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.6
Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.3
Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.2
Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.2
Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.1
After a standard system update you need to reboot your computer to make all the necessary changes.
Details follow:
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-2249)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz
Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc
Size/MD5: 661 92722fa973e92a99f982fe05b5826adf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb
Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb
Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb
Size/MD5: 66946 501acb21d567d62608904e4272ff842d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb
Size/MD5: 66458 24e918a95770150b4df72530bd6de095
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb
Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz
Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc
Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb
Size/MD5: 940 7344fa4e61880636b014525f6e6482a1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb
Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 188782 51354007cca0796218e3aaeba6142c41
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb
Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 172962 b16b496d6553fbf28523147617011b95
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb
Size/MD5: 70020 61f5d75c4435333ef586677a07d49915
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb
Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb
Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz
Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc
Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb
Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb
Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb
Size/MD5: 71102 c18134055d747d066b60218b69e99d45
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb
Size/MD5: 71488 5179307ffe74c10515e61503e647606f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 248872 a34333b123f4d12e7872868111942cbd
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb
Size/MD5: 71674 f742f2771d94ca29746906c1177d657d
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb
Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz
Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc
Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb
Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb
Size/MD5: 73938 15bb328beed6ab3287967c54e4177018
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb
Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb
Size/MD5: 71066 0495b247d489438259937bee1f17761f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb
Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb
Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2
Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc
Size/MD5: 1299 dae31f78418d5db8c3476d7562859658
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2
Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb
Size/MD5: 926 602d7036448637b45c1eacbc31e05640
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb
Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb
Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb
Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb
Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 175214 142020dfd126d2335bc93bad6a714799
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047
. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Updated Packages:
Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX KlOM1C8b0XVNVFF83vXPz9A= =E10C -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "11"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.1,
"vendor": "apple",
"version": "10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1.2"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.0"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.42"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.33"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.32"
},
{
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.2.44"
},
{
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.4.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.1.x"
},
{
"model": "server",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "7.1.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(2nd generation) 4.0 software"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.0 to 4.1 (iphone 3g after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 to 4.1 (ipod touch (2nd generation) after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 to 3.2.2 (ipad for )"
},
{
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.40"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.41"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.29"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.30"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.3"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.25"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1.2301548"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9156507"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.18"
},
{
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.5"
},
{
"model": "coat systems proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.1"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.15"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.13"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10203137"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.12"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"model": "in motion blackberry enterprise server for exchange mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1.2301548"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10"
},
{
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.1.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "in motion blackberry enterprise server for domino mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "0.90"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8126538"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.24"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.43"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7108231"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.17"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "in motion blackberry enterprise server for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.17"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "coat systems proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.0"
},
{
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "in motion blackberry enterprise server for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.52"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "intuity lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.691891"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.11"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.2"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "in motion blackberry enterprise server express for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.13"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.10"
},
{
"model": "in motion blackberry enterprise server for novell groupwise mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
}
],
"sources": [
{
"db": "BID",
"id": "41174"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:iphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Greg Roelofs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.6
},
"cve": "CVE-2010-2249",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2249",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-2249",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-44854",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2010-2249",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2249",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-2249",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44854",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-2249",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The \u0027libpng\u0027 library is prone to multiple vulnerabilities. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. \nThese issues affect versions prior to \u0027libpng\u0027 1.4.3 and 1.2.44. \n\nBackground\n==========\n\nlibpng is a standard library used to process PNG (Portable Network\nGraphics) images. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.4.3 \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n [ 1 ] CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n [ 2 ] CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n [ 3 ] CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.44-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc\n Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz\n Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb\n Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb\n Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb\n Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb\n Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb\n Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb\n Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb\n Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb\n Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb\n Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb\n Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb\n Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb\n Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb\n Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed\n\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-960-1 July 08, 2010\nlibpng vulnerabilities\nCVE-2010-1205, CVE-2010-2249\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.6\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.3\n\nUbuntu 9.04:\n libpng12-0 1.2.27-2ubuntu2.2\n\nUbuntu 9.10:\n libpng12-0 1.2.37-1ubuntu0.2\n\nUbuntu 10.04 LTS:\n libpng12-0 1.2.42-1ubuntu2.1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program. \n(CVE-2010-1205)\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into processing a\ncrafted PNG image, an attacker could possibly use this flaw to consume all\navailable resources, resulting in a denial of service. (CVE-2010-2249)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz\n Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc\n Size/MD5: 661 92722fa973e92a99f982fe05b5826adf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb\n Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb\n Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb\n Size/MD5: 66946 501acb21d567d62608904e4272ff842d\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb\n Size/MD5: 66458 24e918a95770150b4df72530bd6de095\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb\n Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz\n Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc\n Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb\n Size/MD5: 940 7344fa4e61880636b014525f6e6482a1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb\n Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 188782 51354007cca0796218e3aaeba6142c41\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb\n Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 172962 b16b496d6553fbf28523147617011b95\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb\n Size/MD5: 70020 61f5d75c4435333ef586677a07d49915\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb\n Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb\n Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz\n Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc\n Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb\n Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb\n Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb\n Size/MD5: 71102 c18134055d747d066b60218b69e99d45\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb\n Size/MD5: 71488 5179307ffe74c10515e61503e647606f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 248872 a34333b123f4d12e7872868111942cbd\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb\n Size/MD5: 71674 f742f2771d94ca29746906c1177d657d\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb\n Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz\n Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc\n Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb\n Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb\n Size/MD5: 73938 15bb328beed6ab3287967c54e4177018\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb\n Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb\n Size/MD5: 71066 0495b247d489438259937bee1f17761f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb\n Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb\n Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2\n Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc\n Size/MD5: 1299 dae31f78418d5db8c3476d7562859658\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2\n Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb\n Size/MD5: 926 602d7036448637b45c1eacbc31e05640\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb\n Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb\n Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb\n Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb\n Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 175214 142020dfd126d2335bc93bad6a714799\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047\n\n\n\n. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is\n therefore also being provided with this advisory. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX\nKlOM1C8b0XVNVFF83vXPz9A=\n=E10C\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2249"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2249",
"trust": 3.4
},
{
"db": "BID",
"id": "41174",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "40302",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-1612",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "40472",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42317",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40547",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42314",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40336",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1837",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1755",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3046",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1877",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1637",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3045",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1846",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1024723",
"trust": 1.7
},
{
"db": "XF",
"id": "59816",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-44854",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1837",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3046",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3045",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1612",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/2491",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1637",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1846",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1877",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1755",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2249",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91878",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"id": "VAR-201006-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T23:25:32.161000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456?viewlocale=ja_JP"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457?viewlocale=ja_JP"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "libpng-1.2.10-7.1.3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"title": "libpng-1.2.44-README",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/src/libpng-1.2.44-README.txt"
},
{
"title": "2078",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
},
{
"title": "2079",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
},
{
"title": "RHSA-2010:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html"
},
{
"title": "multiple_vulnerabilities_in_libpng",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
},
{
"title": "VMSA-2010-0014",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"title": "libpng-1.4.1.tar.xz",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216"
},
{
"title": "libpng-1.4.1.tar.gz",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=215"
},
{
"title": "linpng_txt.zip",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219"
},
{
"title": "libpng-1.4.1.tar.bz2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=214"
},
{
"title": "lpng141.zip",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218"
},
{
"title": "lpng141.7z",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=217"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1"
},
{
"title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285"
},
{
"title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/41174"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/40302"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"trust": 2.1,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1024723"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40336"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40472"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40547"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42314"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42317"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-960-1"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4456"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4457"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4554"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4566"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
},
{
"trust": 1.7,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/59816"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu935740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2249"
},
{
"trust": 0.7,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2010-2249"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0534"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa65"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100092842"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100093925"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100108439"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100148396"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587670"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/960-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22585"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44854"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"date": "2010-06-25T00:00:00",
"db": "BID",
"id": "41174"
},
{
"date": "2010-10-05T22:16:57",
"db": "PACKETSTORM",
"id": "94522"
},
{
"date": "2010-07-20T00:53:34",
"db": "PACKETSTORM",
"id": "91973"
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244"
},
{
"date": "2010-07-08T21:03:46",
"db": "PACKETSTORM",
"id": "91619"
},
{
"date": "2010-07-16T04:34:46",
"db": "PACKETSTORM",
"id": "91878"
},
{
"date": "2010-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"date": "2010-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"date": "2010-06-30T18:30:01.847000",
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-44854"
},
{
"date": "2020-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"date": "2015-04-13T21:46:00",
"db": "BID",
"id": "41174"
},
{
"date": "2023-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng include pngrutil.c Memory leak vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.6
}
}
VAR-200708-0612
Vulnerability from variot - Updated: 2026-03-09 23:25The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. Apache HTTP Server of mod_proxy The module includes modules/proxy/proxy_util.c When an invalid data header is processed in the service, the read operation is executed beyond the buffer area, resulting in an interruption in service operation. (DoS) There is a vulnerability that becomes a condition.When processing a specially crafted data header by a third party, the proxy server cache processing crashes and disrupts service operation (DoS) It may be in a state. The Apache mod_proxy module is prone to a denial-of-service vulnerability. A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). =========================================================== Ubuntu Security Notice USN-575-1 February 04, 2008 apache2 vulnerabilities CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-mpm-perchild 2.0.55-4ubuntu2.3 apache2-mpm-prefork 2.0.55-4ubuntu2.3 apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10: apache2-mpm-perchild 2.0.55-4ubuntu4.2 apache2-mpm-prefork 2.0.55-4ubuntu4.2 apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04: apache2-mpm-event 2.2.3-3.2ubuntu2.1 apache2-mpm-perchild 2.2.3-3.2ubuntu2.1 apache2-mpm-prefork 2.2.3-3.2ubuntu2.1 apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.1 apache2-mpm-perchild 2.2.4-3ubuntu0.1 apache2-mpm-prefork 2.2.4-3ubuntu0.1 apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. (CVE-2006-3918)
It was discovered that when configured as a proxy server and using a threaded MPM, Apache did not properly sanitize its input. By default, mod_proxy is disabled in Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available, allowed for cross-site scripting attacks. By default, mod_status is disabled in Ubuntu. (CVE-2007-6388)
It was discovered that mod_proxy_balancer did not sanitize its input, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to dereference a NULL pointer. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01182588 Version: 1
HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-10 Last Updated: 2007-10-10
Potential Security Impact: Remote Unauthorized Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2007-3847, CVE-2007-3304
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00
BACKGROUND
To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended action has been taken.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01 hpuxwsAPACHE,revision=B.2.0.59.00
action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability.
OS Release Depot name MD5 Sum
B.11.11 (IPv4) HPUXWSA-B218-01-1111ipv4.depot eb3bb933baac0f05e1e0809ef1e84eb2
B.11.11 (IPv6) HPUXWSA-B218-01-1111ipv6.depot 540a56b155699336bcbfac0eaf87e3ce
B.11.23 PA-32 HPUXWSA-B218-01-1123-32.depot 2900a0cbea01b6905dc768680fbd5381
B.11.23 IA-64 HPUXWSA-B218-01-1123-64.depot 3be084d96e8a509692e37c71c0184014
B.11.31 PA-32 HPUXWSA-B218-01-1131-32.depot 861122eef70f1b53d68c5adafc64cdb5
B.11.31 IA-64 HPUXWSA-B218-01-1131-64.depot 8dc57222257fe27fb5994da16e91f9a4
The updates are available from: ftp://ssrt1476:ssrt1476@hprc.external.hp.com/ ftp://ssrt1476:ssrt1476@192.170.19.100/
MANUAL ACTIONS: Yes - Update Install Apache 2.0.59.00.0 or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 10 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux
TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy 7CP41v96ckMOtfU4yeG76pv2 =VMzd -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2009-0010 Synopsis: VMware Hosted products update libpng and Apache HTTP Server Issue date: 2009-08-20 Updated on: 2009-08-20 (initial release of advisory) CVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863 CVE-2006-5752 CVE-2007-3304 CVE-2007-6388 CVE-2007-5000 CVE-2008-0005
- Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. Likewise, a similar crash could occur on sites with a forward proxy configured if a user could be persuaded to visit a malicious site using the proxy (CVE-2007-3847). On sites where directory listings are used and the AddDefaultCharset directive was removed from the configuration, a cross-site-scripting attack could be possible against browsers that to not correctly derive the response character set according to the rules in RGC 2616 (CVE-2007-4465).
The updated packages have been patched to correct this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Updated Packages:
Mandriva Linux 2007.0: 9bb73822e8ae92ba87aa8baa21d467d1 2007.0/i586/apache-base-2.2.3-1.2mdv2007.0.i586.rpm 1949631d7fc0f87c91ba5dd9e738e036 2007.0/i586/apache-devel-2.2.3-1.2mdv2007.0.i586.rpm 3fed692d7b2eefe64bdd5f557fb0d838 2007.0/i586/apache-htcacheclean-2.2.3-1.2mdv2007.0.i586.rpm 86b32442b40c9e8ee9ba4bc1def61157 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.i586.rpm a6ca98077bee65a270a7777f6a3f3b60 2007.0/i586/apache-mod_cache-2.2.3-1.2mdv2007.0.i586.rpm 3bf50ab09740de6e718dc38e5320a3f7 2007.0/i586/apache-mod_dav-2.2.3-1.2mdv2007.0.i586.rpm 11e3dde4beab554a1523261979852fee 2007.0/i586/apache-mod_dbd-2.2.3-1.2mdv2007.0.i586.rpm 993926a12a2b5192059961a8bcbf4e2c 2007.0/i586/apache-mod_deflate-2.2.3-1.2mdv2007.0.i586.rpm 8553d309d0b537732375fbf0ab6c3187 2007.0/i586/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.i586.rpm 83a1fce76091ea660989b5b310d545ab 2007.0/i586/apache-mod_file_cache-2.2.3-1.2mdv2007.0.i586.rpm c7799b98922ee0e2f5bd114a3b2f3816 2007.0/i586/apache-mod_ldap-2.2.3-1.2mdv2007.0.i586.rpm b3e79d78c26282b39322910be91cd410 2007.0/i586/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.i586.rpm 6c72e3c58cb10447304328c2f863651a 2007.0/i586/apache-mod_proxy-2.2.3-1.2mdv2007.0.i586.rpm a6d09de71a6b7bf7bb1cafc187777be7 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.i586.rpm 05eee18af88226fb76766a9b88d843a8 2007.0/i586/apache-mod_ssl-2.2.3-1.2mdv2007.0.i586.rpm c499609426acef2255940cab04a28b5c 2007.0/i586/apache-mod_userdir-2.2.3-1.2mdv2007.0.i586.rpm bcd0563b948d8958de5a8da12e5ecd85 2007.0/i586/apache-modules-2.2.3-1.2mdv2007.0.i586.rpm 5c4777a2db7fd28b233d1bcc1d570a70 2007.0/i586/apache-mpm-prefork-2.2.3-1.2mdv2007.0.i586.rpm fa38945281388cfd4d37d2f98187a0b0 2007.0/i586/apache-mpm-worker-2.2.3-1.2mdv2007.0.i586.rpm 30e14fac38a58a8ab4bf59a6ecb59f9a 2007.0/i586/apache-source-2.2.3-1.2mdv2007.0.i586.rpm 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 3301ff7aa05c7cb14eecfc82d1d7fe33 2007.0/x86_64/apache-base-2.2.3-1.2mdv2007.0.x86_64.rpm f0f6cc2cc841959558ab0222d975a9cc 2007.0/x86_64/apache-devel-2.2.3-1.2mdv2007.0.x86_64.rpm 7bf4dbf62cd08717fc3704798d0c839d 2007.0/x86_64/apache-htcacheclean-2.2.3-1.2mdv2007.0.x86_64.rpm ecb3772fac317f54303d1d67c2b1c7a2 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm c6cb91541e0f7a24b337da09ee7eb248 2007.0/x86_64/apache-mod_cache-2.2.3-1.2mdv2007.0.x86_64.rpm f39c5879ff62c5d8dcc41ae73d1ca0cd 2007.0/x86_64/apache-mod_dav-2.2.3-1.2mdv2007.0.x86_64.rpm 562dc2a4e6246fa7dde9986af40ec847 2007.0/x86_64/apache-mod_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm 7be58654d28b2fc0207c3e44370cd118 2007.0/x86_64/apache-mod_deflate-2.2.3-1.2mdv2007.0.x86_64.rpm 6e4314853613d0d9fdd048c8ee96a510 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.x86_64.rpm 5fd5dc78b84bb5579291d27f626cb660 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.2mdv2007.0.x86_64.rpm d5eecb080611220807820106c24b1e22 2007.0/x86_64/apache-mod_ldap-2.2.3-1.2mdv2007.0.x86_64.rpm bed61f6dcb6311d99fb97225a0b48849 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.x86_64.rpm f0d3bb15ba884824380ef1cf0bd129b8 2007.0/x86_64/apache-mod_proxy-2.2.3-1.2mdv2007.0.x86_64.rpm 8f8969581110089a51cf506b8566315e 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.x86_64.rpm 1a40d73c8fbbae8868f09ef947407dad 2007.0/x86_64/apache-mod_ssl-2.2.3-1.2mdv2007.0.x86_64.rpm 0cd432c837a9ba4795bda96b1d3cc98c 2007.0/x86_64/apache-mod_userdir-2.2.3-1.2mdv2007.0.x86_64.rpm f05d88bc8f9c163ca787c30e7bd84e52 2007.0/x86_64/apache-modules-2.2.3-1.2mdv2007.0.x86_64.rpm f5431063918c470fa1ccd6e23db4c70d 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.2mdv2007.0.x86_64.rpm 0db10b3a236c2f59a93eb2bc6ee6c35d 2007.0/x86_64/apache-mpm-worker-2.2.3-1.2mdv2007.0.x86_64.rpm 71f52e6e3afba9d1d923cc64291eb98f 2007.0/x86_64/apache-source-2.2.3-1.2mdv2007.0.x86_64.rpm 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.1: e443a21ce0b058aede2aaf82d12d22f7 2007.1/i586/apache-base-2.2.4-6.3mdv2007.1.i586.rpm 6d17234fb69995d52c012bb22f52bab3 2007.1/i586/apache-devel-2.2.4-6.3mdv2007.1.i586.rpm 6a44621592a2320b6d0e9549eceea6a9 2007.1/i586/apache-htcacheclean-2.2.4-6.3mdv2007.1.i586.rpm d0405211b42d562933cd2f802a4276bc 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.i586.rpm 3fd09fafa06eb4e08ad975f9972f28f8 2007.1/i586/apache-mod_cache-2.2.4-6.3mdv2007.1.i586.rpm d61498465662a9c4a7f77f2dcc9438a7 2007.1/i586/apache-mod_dav-2.2.4-6.3mdv2007.1.i586.rpm fbb6c3ccfd793a8f2b9889ed399d5aad 2007.1/i586/apache-mod_dbd-2.2.4-6.3mdv2007.1.i586.rpm 0e67be9eaacb5f8686acdd95d26b8b47 2007.1/i586/apache-mod_deflate-2.2.4-6.3mdv2007.1.i586.rpm f1a050f23e3bc518b8aecd3c6cd5fd91 2007.1/i586/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.i586.rpm d95079c4a7627fe47d529dbe99549023 2007.1/i586/apache-mod_file_cache-2.2.4-6.3mdv2007.1.i586.rpm b24dcaec7dc26c107ff0962d46c7b3a1 2007.1/i586/apache-mod_ldap-2.2.4-6.3mdv2007.1.i586.rpm 98e97b3bd11ca7939aef2bae47c2c497 2007.1/i586/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.i586.rpm bffefef1346635e79f04d0ae56169ab1 2007.1/i586/apache-mod_proxy-2.2.4-6.3mdv2007.1.i586.rpm 0c5881d9e76e9ae20470a954200465ae 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.i586.rpm 21f665113f11b4b88330b887254023f8 2007.1/i586/apache-mod_ssl-2.2.4-6.3mdv2007.1.i586.rpm 192801a60a254a58b57e2f1377ce42c4 2007.1/i586/apache-mod_userdir-2.2.4-6.3mdv2007.1.i586.rpm 51fc25858a4ee79d2fd2cfe460c90708 2007.1/i586/apache-modules-2.2.4-6.3mdv2007.1.i586.rpm d6256083a3df248847340d3c14ecb9ff 2007.1/i586/apache-mpm-event-2.2.4-6.3mdv2007.1.i586.rpm 1359ad128d2d7a24d9211cf7f0276e15 2007.1/i586/apache-mpm-itk-2.2.4-6.3mdv2007.1.i586.rpm d65ac7009e90022455c79debf48cdbdb 2007.1/i586/apache-mpm-prefork-2.2.4-6.3mdv2007.1.i586.rpm f1d8883b5e633cbb6e3832e7b3c4a4cb 2007.1/i586/apache-mpm-worker-2.2.4-6.3mdv2007.1.i586.rpm 947251a0ac81cb912bc4c900bb80e6e7 2007.1/i586/apache-source-2.2.4-6.3mdv2007.1.i586.rpm 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 444c86d0a5711e30534400781c0cbcf1 2007.1/x86_64/apache-base-2.2.4-6.3mdv2007.1.x86_64.rpm 02514acbf20766b1486389ce4d3e1ed0 2007.1/x86_64/apache-devel-2.2.4-6.3mdv2007.1.x86_64.rpm f6f4126d5a414d7ca686395173aaa3b4 2007.1/x86_64/apache-htcacheclean-2.2.4-6.3mdv2007.1.x86_64.rpm 1a45be10e44347c913d6493a0d3ad25f 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm 5e6df108e6fb0083ffe96810f41bc9ea 2007.1/x86_64/apache-mod_cache-2.2.4-6.3mdv2007.1.x86_64.rpm 31877eb202cbc9cf0869a3d7bc51b47a 2007.1/x86_64/apache-mod_dav-2.2.4-6.3mdv2007.1.x86_64.rpm 33a4ce4f105fbed60b2cdfc73fd524c6 2007.1/x86_64/apache-mod_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm e093528141ed7cd178ae27743ed4ea69 2007.1/x86_64/apache-mod_deflate-2.2.4-6.3mdv2007.1.x86_64.rpm 697a3930734d4570db3aeadc0aac2032 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.x86_64.rpm c8a20e21d7b07363c8efc8b23078a5e8 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.3mdv2007.1.x86_64.rpm d42e4f3cc5ca6ac006d3e4bb7a750273 2007.1/x86_64/apache-mod_ldap-2.2.4-6.3mdv2007.1.x86_64.rpm e8fc195d18dbb431257dd816bdfa7845 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.x86_64.rpm ce7184cd8abf4aa7c98d47a64133c19f 2007.1/x86_64/apache-mod_proxy-2.2.4-6.3mdv2007.1.x86_64.rpm 98957b99a54cb32d6ba055d5f059b7ec 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.x86_64.rpm 17b824837cf63210790e6201154cb94a 2007.1/x86_64/apache-mod_ssl-2.2.4-6.3mdv2007.1.x86_64.rpm 5a2d9f93603eebdde04f8967a07b063d 2007.1/x86_64/apache-mod_userdir-2.2.4-6.3mdv2007.1.x86_64.rpm 44f0ad99c93ae8905a2d32b799dc1520 2007.1/x86_64/apache-modules-2.2.4-6.3mdv2007.1.x86_64.rpm c5c469771e2f25683ddba3f694e28968 2007.1/x86_64/apache-mpm-event-2.2.4-6.3mdv2007.1.x86_64.rpm b691f2e760bdd30c797e46269842a437 2007.1/x86_64/apache-mpm-itk-2.2.4-6.3mdv2007.1.x86_64.rpm fa3551d06a7af5a31a040f90dd215a1d 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.3mdv2007.1.x86_64.rpm 8d2a09ba2b175cd36bbc0dc6dc4c18ea 2007.1/x86_64/apache-mpm-worker-2.2.4-6.3mdv2007.1.x86_64.rpm 7037cb86ca137f40364749a0933b432c 2007.1/x86_64/apache-source-2.2.4-6.3mdv2007.1.x86_64.rpm 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm
Corporate 3.0: 5bbdb8ac0d8133c1b09d373cbe35f5ea corporate/3.0/i586/apache2-2.0.48-6.15.C30mdk.i586.rpm e14dfcec88913b5245d683502ff684d1 corporate/3.0/i586/apache2-common-2.0.48-6.15.C30mdk.i586.rpm 642b4136b2e2915db59801888b41d1e6 corporate/3.0/i586/apache2-devel-2.0.48-6.15.C30mdk.i586.rpm c8824d8aa09e4917f9b35b1c659b5181 corporate/3.0/i586/apache2-manual-2.0.48-6.15.C30mdk.i586.rpm 09af9e7945caec7163a12be1a14302ee corporate/3.0/i586/apache2-mod_cache-2.0.48-6.15.C30mdk.i586.rpm 374a782a9211ee321f31a4e716d6bb97 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.15.C30mdk.i586.rpm 88a31c94bc077aa0a91f000b839d4b69 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.15.C30mdk.i586.rpm 8e55a5d1949805b0a6a4f84d571ab4ff corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.i586.rpm 16b573b8a914ab130ac660cce8bddfdb corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.15.C30mdk.i586.rpm 68fdee10fc216a354849a6fc5d89e7cf corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.15.C30mdk.i586.rpm 9e75fe104df971a7a707efb0d6735288 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.i586.rpm 006f66a419a5f81085bc6fd74e4c1235 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.15.C30mdk.i586.rpm f0910407a4042202cec58ebdb74127d3 corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.15.C30mdk.i586.rpm 43578ffa09c88aa636c6df329cebe81a corporate/3.0/i586/apache2-modules-2.0.48-6.15.C30mdk.i586.rpm c5c8b21b0bbc8e57f81baa317ccba3f3 corporate/3.0/i586/apache2-source-2.0.48-6.15.C30mdk.i586.rpm f38fcbb77b956304d63d36ad7b003b05 corporate/3.0/i586/libapr0-2.0.48-6.15.C30mdk.i586.rpm aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm
Corporate 3.0/X86_64: 52f3a65b7c0e82d517e66d4b176aa33e corporate/3.0/x86_64/apache2-2.0.48-6.15.C30mdk.x86_64.rpm b54119aca1142e9e9a848cbc18f2a5d0 corporate/3.0/x86_64/apache2-common-2.0.48-6.15.C30mdk.x86_64.rpm e5ac1fdacf86a8214105cc13d3c439aa corporate/3.0/x86_64/apache2-devel-2.0.48-6.15.C30mdk.x86_64.rpm 1bc73ab39962a806585f1c669b8c1f7e corporate/3.0/x86_64/apache2-manual-2.0.48-6.15.C30mdk.x86_64.rpm 87af39a3721856a710383cd51815fbaf corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.15.C30mdk.x86_64.rpm c03c3c1774c1baafaf44a4bb17ca74c6 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.15.C30mdk.x86_64.rpm 0ef802c1187c979d48db6ae4672fb21b corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.15.C30mdk.x86_64.rpm c7d6772332baffc85fd1472e018f5546 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.x86_64.rpm 45965308167632623ff93de397d4041d corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.15.C30mdk.x86_64.rpm 17e2a48cc23d7983351706745c7cd553 corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.15.C30mdk.x86_64.rpm 5b047d484852dd9a2000028d8dcfb7e6 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.x86_64.rpm a5f32074ec310263bc03648b81d44173 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.15.C30mdk.x86_64.rpm 79c4a90fa0ab3bfa8dbe9b12daeff4cd corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.15.C30mdk.x86_64.rpm 15af8e5591d5ff99f5c157a0c01d4174 corporate/3.0/x86_64/apache2-modules-2.0.48-6.15.C30mdk.x86_64.rpm 462316c74fff690d2e98116ddf614d54 corporate/3.0/x86_64/apache2-source-2.0.48-6.15.C30mdk.x86_64.rpm 20553b85bf243e5986af1a3551549ed8 corporate/3.0/x86_64/lib64apr0-2.0.48-6.15.C30mdk.x86_64.rpm aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm
Corporate 4.0: 7d50fe1ac32dec6c4d57dd850950bdb1 corporate/4.0/i586/apache-base-2.2.3-1.2.20060mlcs4.i586.rpm 775785cf1a22f45a64d800fdfcc4a8bc corporate/4.0/i586/apache-devel-2.2.3-1.2.20060mlcs4.i586.rpm 79b64bb1793933f1c8b83e7eee2d4cfa corporate/4.0/i586/apache-htcacheclean-2.2.3-1.2.20060mlcs4.i586.rpm eac03081a34897376d542b7032dd03c2 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.i586.rpm 2c223bb1645aadfba8e6d1d6a2c8756c corporate/4.0/i586/apache-mod_cache-2.2.3-1.2.20060mlcs4.i586.rpm e4c4c07473f9644fc146e2f4d9ce95c8 corporate/4.0/i586/apache-mod_dav-2.2.3-1.2.20060mlcs4.i586.rpm 13f85bc068b14e497873c6028520580a corporate/4.0/i586/apache-mod_dbd-2.2.3-1.2.20060mlcs4.i586.rpm aaa52a86e4a6d3e5322fa140edc5535a corporate/4.0/i586/apache-mod_deflate-2.2.3-1.2.20060mlcs4.i586.rpm 574e07826a89f78883f2cfb3ca224e8c corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.i586.rpm 451efb60480fd0680b6c4f955c46ccf4 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.i586.rpm 73fa350b85ea63a5b3f69d8d387474aa corporate/4.0/i586/apache-mod_ldap-2.2.3-1.2.20060mlcs4.i586.rpm d2364f995210cdbbe324df10d49bef98 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.i586.rpm 145b17e675a42bed7b3a8c5ee883cf45 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.2.20060mlcs4.i586.rpm 92b82835be476736295c15954f2a9eb6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.i586.rpm 0dd6c7df0e3ea475b6b2d50ef4aa5ac0 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.2.20060mlcs4.i586.rpm d579208689ec9a72a599bf3510bdf942 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.2.20060mlcs4.i586.rpm 6fd43dfcfc649c8bcd4692ba9ebeee07 corporate/4.0/i586/apache-modules-2.2.3-1.2.20060mlcs4.i586.rpm 9fbf1dde58f17e3f0f29a8c3f1e1b6b6 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.i586.rpm 72f26a52381b68a8bbc6e2fcc9c0ac8c corporate/4.0/i586/apache-mpm-worker-2.2.3-1.2.20060mlcs4.i586.rpm 99a935e7047a27043159b6555d3444c7 corporate/4.0/i586/apache-source-2.2.3-1.2.20060mlcs4.i586.rpm 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 35a789ac173ed3cc0dda52270a194bad corporate/4.0/x86_64/apache-base-2.2.3-1.2.20060mlcs4.x86_64.rpm e9df753a94dfb136780651ac743e50eb corporate/4.0/x86_64/apache-devel-2.2.3-1.2.20060mlcs4.x86_64.rpm 3964c83541baaf5af0ccc828282a1954 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.2.20060mlcs4.x86_64.rpm 554ea610010d5f361bcc87d75d8d0f6f corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm 051c20e0f062d50a01c51ebad7dcb96d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm 59a05bd258ba6b4729238885d2fc0273 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.2.20060mlcs4.x86_64.rpm ceb391b54796f3ea763b81c5085da16c corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm 307726e1c4dfcca90093c19e3d17f504 corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.2.20060mlcs4.x86_64.rpm 1500f6520843c6604192e4a621d5b9f1 corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm e0ac5eb68e21253d33928fa28f0acb25 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm 21c68fdaf26b13ed2177bf458979df1e corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.2.20060mlcs4.x86_64.rpm 28ef0171caf2d11cca8fe4f0bf2473db corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm 019893e83acbfb730f79a8eb364ea042 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.2.20060mlcs4.x86_64.rpm 202b1fc0dd2d9364530abbbb13f799b0 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.x86_64.rpm 5cd3084106482b3f01b41cd716c702b8 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.2.20060mlcs4.x86_64.rpm 6a18ec0935144ead6f037f41e852a892 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.2.20060mlcs4.x86_64.rpm 622bb60b53fb48aef1b5a7fc94be3298 corporate/4.0/x86_64/apache-modules-2.2.3-1.2.20060mlcs4.x86_64.rpm f573d1aef5f29f14f8764fce5ea31a1d corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.x86_64.rpm 842d5d6ef1c73fcb0b41b9ff18a75960 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.2.20060mlcs4.x86_64.rpm 1cae994b8a6fb2d2aa9a803d7bb3178d corporate/4.0/x86_64/apache-source-2.2.3-1.2.20060mlcs4.x86_64.rpm 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 463f2a0de557bfcf7ae0655e5381b22f mnf/2.0/i586/apache2-2.0.48-6.16.M20mdk.i586.rpm 56117551a5480c85920263bcefb32c09 mnf/2.0/i586/apache2-common-2.0.48-6.16.M20mdk.i586.rpm c7496b0bb82f802cd8d17819ee1308bc mnf/2.0/i586/apache2-devel-2.0.48-6.16.M20mdk.i586.rpm 6be15ca61d9a7cc4cc4c7e4e55c4ffd1 mnf/2.0/i586/apache2-manual-2.0.48-6.16.M20mdk.i586.rpm 766a15298990769f14e5ad00745b9c7f mnf/2.0/i586/apache2-mod_cache-2.0.48-6.16.M20mdk.i586.rpm 21d7b83f3e1b80874c5c007c6659c470 mnf/2.0/i586/apache2-mod_dav-2.0.48-6.16.M20mdk.i586.rpm 417055a9758a47db50fcd7ec0a7d4047 mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.16.M20mdk.i586.rpm 90d4aa462e8edf12c52216fa4eeac6a1 mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.16.M20mdk.i586.rpm fbeb5bc02ada67198541cb4e1c2b1b27 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.16.M20mdk.i586.rpm 0f2e617217d9f418182ca89bab9703f0 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.16.M20mdk.i586.rpm 50e9dc2b73be1f0f3a45ca7da1adbcbf mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.16.M20mdk.i586.rpm 8352541a45d2c76ab840ca6f4b070ffb mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.16.M20mdk.i586.rpm 5744f88c6e59f26418f1f3f531f30734 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.16.M20mdk.i586.rpm 874dc6a00a02630401f7efeadc93935e mnf/2.0/i586/apache2-modules-2.0.48-6.16.M20mdk.i586.rpm efbd0f5ac6f292474d29f83d36bf86eb mnf/2.0/i586/apache2-source-2.0.48-6.16.M20mdk.i586.rpm 15bd1fcd65bd487b6fd5bba0a8ec530d mnf/2.0/i586/libapr0-2.0.48-6.16.M20mdk.i586.rpm 0e6b7bac08407b02457479763d27e885 mnf/2.0/SRPMS/apache2-2.0.48-6.16.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHVGk3mqjQ0CJFipgRAi2wAKCPuJzkUkyI8lcVRJ3Vu6IbvxMFrQCg3Qxf w5lEeF1m8B+hT513FJVA1po= =c4oi -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "fedora core",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "6"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.10"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard"
},
{
"_id": null,
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition version 4"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise edition"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "1.3.28"
},
{
"_id": null,
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard edition"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard version 6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard edition version 4"
},
{
"_id": null,
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard"
},
{
"_id": null,
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard version 6"
},
{
"_id": null,
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"_id": null,
"model": "http server",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.0"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "application stack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v20"
},
{
"_id": null,
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"_id": null,
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"_id": null,
"model": "hat fedora core7",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "hat fedora core6",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"_id": null,
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"_id": null,
"model": "software foundation apache 2.2.6-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "software foundation apache 2.0.61-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "25489"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
}
]
},
"credits": {
"_id": null,
"data": "The vendor disclosed this vulnerability.",
"sources": [
{
"db": "BID",
"id": "25489"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
}
],
"trust": 0.9
},
"cve": "CVE-2007-3847",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-3847",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3847",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3847",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200708-391",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-3847",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"description": {
"_id": null,
"data": "The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. Apache HTTP Server of mod_proxy The module includes modules/proxy/proxy_util.c When an invalid data header is processed in the service, the read operation is executed beyond the buffer area, resulting in an interruption in service operation. (DoS) There is a vulnerability that becomes a condition.When processing a specially crafted data header by a third party, the proxy server cache processing crashes and disrupts service operation (DoS) It may be in a state. The Apache mod_proxy module is prone to a denial-of-service vulnerability. \nA remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). =========================================================== \nUbuntu Security Notice USN-575-1 February 04, 2008\napache2 vulnerabilities\nCVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,\nCVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-mpm-perchild 2.0.55-4ubuntu2.3\n apache2-mpm-prefork 2.0.55-4ubuntu2.3\n apache2-mpm-worker 2.0.55-4ubuntu2.3\n\nUbuntu 6.10:\n apache2-mpm-perchild 2.0.55-4ubuntu4.2\n apache2-mpm-prefork 2.0.55-4ubuntu4.2\n apache2-mpm-worker 2.0.55-4ubuntu4.2\n\nUbuntu 7.04:\n apache2-mpm-event 2.2.3-3.2ubuntu2.1\n apache2-mpm-perchild 2.2.3-3.2ubuntu2.1\n apache2-mpm-prefork 2.2.3-3.2ubuntu2.1\n apache2-mpm-worker 2.2.3-3.2ubuntu2.1\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.1\n apache2-mpm-perchild 2.2.4-3ubuntu0.1\n apache2-mpm-prefork 2.2.4-3ubuntu0.1\n apache2-mpm-worker 2.2.4-3ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Apache did not sanitize the Expect header from\nan HTTP request when it is reflected back in an error message, which\ncould result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing server output\nduring a crafted server request, a remote attacker could exploit this\nto modify the contents, or steal confidential data (such as passwords),\nwithin the same domain. This was only vulnerable in Ubuntu 6.06. \n(CVE-2006-3918)\n\nIt was discovered that when configured as a proxy server and using a\nthreaded MPM, Apache did not properly sanitize its input. By default, mod_proxy is disabled in\nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a\ncharacter set, which could result in browsers becoming vulnerable\nto cross-site scripting attacks when processing the output. By\ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available,\nallowed for cross-site scripting attacks. By default, mod_status is\ndisabled in Ubuntu. (CVE-2007-6388)\n\nIt was discovered that mod_proxy_balancer did not sanitize its input,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to\ndereference a NULL pointer. By\ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only\nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz\n Size/MD5: 121305 10359a467847b63f8d6603081450fece\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc\n Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb\n Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 171402 3b7567107864cf36953e7911a4851738\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 172186 85a591ea061cbc727fc261b046781502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 94240 b80027348754c493312269f7410b38fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 285664 76f4879738a0a788414316581ac2010b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 144250 3cd8327429958569a306257da57e8be0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 786052 7bdddb451607eeb2abb9706641675397\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 215932 bee4a6e00371117203647fd3a311658a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 219800 aaf4968deba24912e4981f35a367a086\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 93282 1ae6def788c74750d79055784c0d8006\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 267832 96c149638daeb993250b18c9f4285abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz\n Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc\n Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb\n Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 145340 109c93408c5197be50960cce80c23b7c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209552 8a23207211e54b138d5a87c15c097908\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 171636 07616e459905bad152a8669c8f670436\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 222022 e37ef7d710800e568d838242d3129725\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 208354 0a571678c269d1da06787dac56567f1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212052 90754ccdcd95e652413426376078d223\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz\n Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc\n Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 971426 30db1106dfea5106da54d2287c02a380\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 403974 65a11cfaee921517445cf74ed04df701\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434308 2073137bb138dc52bbace666714f4e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 343774 880faca3543426734431c29de77c3048\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz\n Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc\n Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 278032 4f8270cff0a532bd059741b366047da9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 435354 f3557e1a87154424e9144cf672110e93\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8\n\n. An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01182588\nVersion: 1\n\nHPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-10\nLast Updated: 2007-10-10\n\nPotential Security Impact: Remote Unauthorized Denial of Service (DoS) \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2007-3847, CVE-2007-3304\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00\n\nBACKGROUND\n\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended action has been taken. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \nhpuxwsAPACHE,revision=B.2.0.59.00 \n\naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \n\nOS Release \n Depot name \n MD5 Sum \n \nB.11.11 (IPv4)\n HPUXWSA-B218-01-1111ipv4.depot\n eb3bb933baac0f05e1e0809ef1e84eb2\n \nB.11.11 (IPv6) \n HPUXWSA-B218-01-1111ipv6.depot\n 540a56b155699336bcbfac0eaf87e3ce\n \nB.11.23 PA-32\n HPUXWSA-B218-01-1123-32.depot\n 2900a0cbea01b6905dc768680fbd5381\n \nB.11.23 IA-64\n HPUXWSA-B218-01-1123-64.depot\n 3be084d96e8a509692e37c71c0184014\n \nB.11.31 PA-32\n HPUXWSA-B218-01-1131-32.depot\n 861122eef70f1b53d68c5adafc64cdb5\n \nB.11.31 IA-64\n HPUXWSA-B218-01-1131-64.depot\n 8dc57222257fe27fb5994da16e91f9a4\n \n\nThe updates are available from: \nftp://ssrt1476:ssrt1476@hprc.external.hp.com/ \nftp://ssrt1476:ssrt1476@192.170.19.100/ \n\nMANUAL ACTIONS: Yes - Update \nInstall Apache 2.0.59.00.0 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 10 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n -verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS \nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\n\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy\n7CP41v96ckMOtfU4yeG76pv2\n=VMzd\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2009-0010\nSynopsis: VMware Hosted products update libpng and Apache HTTP\n Server\nIssue date: 2009-08-20\nUpdated on: 2009-08-20 (initial release of advisory)\nCVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863\n CVE-2006-5752 CVE-2007-3304 CVE-2007-6388\n CVE-2007-5000 CVE-2008-0005\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. Likewise, a similar crash\n could occur on sites with a forward proxy configured if a user could\n be persuaded to visit a malicious site using the proxy (CVE-2007-3847). On sites where\n directory listings are used and the AddDefaultCharset directive was\n removed from the configuration, a cross-site-scripting attack could\n be possible against browsers that to not correctly derive the response\n character set according to the rules in RGC 2616 (CVE-2007-4465). \n \n The updated packages have been patched to correct this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 9bb73822e8ae92ba87aa8baa21d467d1 2007.0/i586/apache-base-2.2.3-1.2mdv2007.0.i586.rpm\n 1949631d7fc0f87c91ba5dd9e738e036 2007.0/i586/apache-devel-2.2.3-1.2mdv2007.0.i586.rpm\n 3fed692d7b2eefe64bdd5f557fb0d838 2007.0/i586/apache-htcacheclean-2.2.3-1.2mdv2007.0.i586.rpm\n 86b32442b40c9e8ee9ba4bc1def61157 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.i586.rpm\n a6ca98077bee65a270a7777f6a3f3b60 2007.0/i586/apache-mod_cache-2.2.3-1.2mdv2007.0.i586.rpm\n 3bf50ab09740de6e718dc38e5320a3f7 2007.0/i586/apache-mod_dav-2.2.3-1.2mdv2007.0.i586.rpm\n 11e3dde4beab554a1523261979852fee 2007.0/i586/apache-mod_dbd-2.2.3-1.2mdv2007.0.i586.rpm\n 993926a12a2b5192059961a8bcbf4e2c 2007.0/i586/apache-mod_deflate-2.2.3-1.2mdv2007.0.i586.rpm\n 8553d309d0b537732375fbf0ab6c3187 2007.0/i586/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.i586.rpm\n 83a1fce76091ea660989b5b310d545ab 2007.0/i586/apache-mod_file_cache-2.2.3-1.2mdv2007.0.i586.rpm\n c7799b98922ee0e2f5bd114a3b2f3816 2007.0/i586/apache-mod_ldap-2.2.3-1.2mdv2007.0.i586.rpm\n b3e79d78c26282b39322910be91cd410 2007.0/i586/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.i586.rpm\n 6c72e3c58cb10447304328c2f863651a 2007.0/i586/apache-mod_proxy-2.2.3-1.2mdv2007.0.i586.rpm\n a6d09de71a6b7bf7bb1cafc187777be7 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.i586.rpm\n 05eee18af88226fb76766a9b88d843a8 2007.0/i586/apache-mod_ssl-2.2.3-1.2mdv2007.0.i586.rpm\n c499609426acef2255940cab04a28b5c 2007.0/i586/apache-mod_userdir-2.2.3-1.2mdv2007.0.i586.rpm\n bcd0563b948d8958de5a8da12e5ecd85 2007.0/i586/apache-modules-2.2.3-1.2mdv2007.0.i586.rpm\n 5c4777a2db7fd28b233d1bcc1d570a70 2007.0/i586/apache-mpm-prefork-2.2.3-1.2mdv2007.0.i586.rpm\n fa38945281388cfd4d37d2f98187a0b0 2007.0/i586/apache-mpm-worker-2.2.3-1.2mdv2007.0.i586.rpm\n 30e14fac38a58a8ab4bf59a6ecb59f9a 2007.0/i586/apache-source-2.2.3-1.2mdv2007.0.i586.rpm \n 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 3301ff7aa05c7cb14eecfc82d1d7fe33 2007.0/x86_64/apache-base-2.2.3-1.2mdv2007.0.x86_64.rpm\n f0f6cc2cc841959558ab0222d975a9cc 2007.0/x86_64/apache-devel-2.2.3-1.2mdv2007.0.x86_64.rpm\n 7bf4dbf62cd08717fc3704798d0c839d 2007.0/x86_64/apache-htcacheclean-2.2.3-1.2mdv2007.0.x86_64.rpm\n ecb3772fac317f54303d1d67c2b1c7a2 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm\n c6cb91541e0f7a24b337da09ee7eb248 2007.0/x86_64/apache-mod_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n f39c5879ff62c5d8dcc41ae73d1ca0cd 2007.0/x86_64/apache-mod_dav-2.2.3-1.2mdv2007.0.x86_64.rpm\n 562dc2a4e6246fa7dde9986af40ec847 2007.0/x86_64/apache-mod_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm\n 7be58654d28b2fc0207c3e44370cd118 2007.0/x86_64/apache-mod_deflate-2.2.3-1.2mdv2007.0.x86_64.rpm\n 6e4314853613d0d9fdd048c8ee96a510 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n 5fd5dc78b84bb5579291d27f626cb660 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n d5eecb080611220807820106c24b1e22 2007.0/x86_64/apache-mod_ldap-2.2.3-1.2mdv2007.0.x86_64.rpm\n bed61f6dcb6311d99fb97225a0b48849 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n f0d3bb15ba884824380ef1cf0bd129b8 2007.0/x86_64/apache-mod_proxy-2.2.3-1.2mdv2007.0.x86_64.rpm\n 8f8969581110089a51cf506b8566315e 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.x86_64.rpm\n 1a40d73c8fbbae8868f09ef947407dad 2007.0/x86_64/apache-mod_ssl-2.2.3-1.2mdv2007.0.x86_64.rpm\n 0cd432c837a9ba4795bda96b1d3cc98c 2007.0/x86_64/apache-mod_userdir-2.2.3-1.2mdv2007.0.x86_64.rpm\n f05d88bc8f9c163ca787c30e7bd84e52 2007.0/x86_64/apache-modules-2.2.3-1.2mdv2007.0.x86_64.rpm\n f5431063918c470fa1ccd6e23db4c70d 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.2mdv2007.0.x86_64.rpm\n 0db10b3a236c2f59a93eb2bc6ee6c35d 2007.0/x86_64/apache-mpm-worker-2.2.3-1.2mdv2007.0.x86_64.rpm\n 71f52e6e3afba9d1d923cc64291eb98f 2007.0/x86_64/apache-source-2.2.3-1.2mdv2007.0.x86_64.rpm \n 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n e443a21ce0b058aede2aaf82d12d22f7 2007.1/i586/apache-base-2.2.4-6.3mdv2007.1.i586.rpm\n 6d17234fb69995d52c012bb22f52bab3 2007.1/i586/apache-devel-2.2.4-6.3mdv2007.1.i586.rpm\n 6a44621592a2320b6d0e9549eceea6a9 2007.1/i586/apache-htcacheclean-2.2.4-6.3mdv2007.1.i586.rpm\n d0405211b42d562933cd2f802a4276bc 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.i586.rpm\n 3fd09fafa06eb4e08ad975f9972f28f8 2007.1/i586/apache-mod_cache-2.2.4-6.3mdv2007.1.i586.rpm\n d61498465662a9c4a7f77f2dcc9438a7 2007.1/i586/apache-mod_dav-2.2.4-6.3mdv2007.1.i586.rpm\n fbb6c3ccfd793a8f2b9889ed399d5aad 2007.1/i586/apache-mod_dbd-2.2.4-6.3mdv2007.1.i586.rpm\n 0e67be9eaacb5f8686acdd95d26b8b47 2007.1/i586/apache-mod_deflate-2.2.4-6.3mdv2007.1.i586.rpm\n f1a050f23e3bc518b8aecd3c6cd5fd91 2007.1/i586/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.i586.rpm\n d95079c4a7627fe47d529dbe99549023 2007.1/i586/apache-mod_file_cache-2.2.4-6.3mdv2007.1.i586.rpm\n b24dcaec7dc26c107ff0962d46c7b3a1 2007.1/i586/apache-mod_ldap-2.2.4-6.3mdv2007.1.i586.rpm\n 98e97b3bd11ca7939aef2bae47c2c497 2007.1/i586/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.i586.rpm\n bffefef1346635e79f04d0ae56169ab1 2007.1/i586/apache-mod_proxy-2.2.4-6.3mdv2007.1.i586.rpm\n 0c5881d9e76e9ae20470a954200465ae 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.i586.rpm\n 21f665113f11b4b88330b887254023f8 2007.1/i586/apache-mod_ssl-2.2.4-6.3mdv2007.1.i586.rpm\n 192801a60a254a58b57e2f1377ce42c4 2007.1/i586/apache-mod_userdir-2.2.4-6.3mdv2007.1.i586.rpm\n 51fc25858a4ee79d2fd2cfe460c90708 2007.1/i586/apache-modules-2.2.4-6.3mdv2007.1.i586.rpm\n d6256083a3df248847340d3c14ecb9ff 2007.1/i586/apache-mpm-event-2.2.4-6.3mdv2007.1.i586.rpm\n 1359ad128d2d7a24d9211cf7f0276e15 2007.1/i586/apache-mpm-itk-2.2.4-6.3mdv2007.1.i586.rpm\n d65ac7009e90022455c79debf48cdbdb 2007.1/i586/apache-mpm-prefork-2.2.4-6.3mdv2007.1.i586.rpm\n f1d8883b5e633cbb6e3832e7b3c4a4cb 2007.1/i586/apache-mpm-worker-2.2.4-6.3mdv2007.1.i586.rpm\n 947251a0ac81cb912bc4c900bb80e6e7 2007.1/i586/apache-source-2.2.4-6.3mdv2007.1.i586.rpm \n 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 444c86d0a5711e30534400781c0cbcf1 2007.1/x86_64/apache-base-2.2.4-6.3mdv2007.1.x86_64.rpm\n 02514acbf20766b1486389ce4d3e1ed0 2007.1/x86_64/apache-devel-2.2.4-6.3mdv2007.1.x86_64.rpm\n f6f4126d5a414d7ca686395173aaa3b4 2007.1/x86_64/apache-htcacheclean-2.2.4-6.3mdv2007.1.x86_64.rpm\n 1a45be10e44347c913d6493a0d3ad25f 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm\n 5e6df108e6fb0083ffe96810f41bc9ea 2007.1/x86_64/apache-mod_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n 31877eb202cbc9cf0869a3d7bc51b47a 2007.1/x86_64/apache-mod_dav-2.2.4-6.3mdv2007.1.x86_64.rpm\n 33a4ce4f105fbed60b2cdfc73fd524c6 2007.1/x86_64/apache-mod_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm\n e093528141ed7cd178ae27743ed4ea69 2007.1/x86_64/apache-mod_deflate-2.2.4-6.3mdv2007.1.x86_64.rpm\n 697a3930734d4570db3aeadc0aac2032 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n c8a20e21d7b07363c8efc8b23078a5e8 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n d42e4f3cc5ca6ac006d3e4bb7a750273 2007.1/x86_64/apache-mod_ldap-2.2.4-6.3mdv2007.1.x86_64.rpm\n e8fc195d18dbb431257dd816bdfa7845 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n ce7184cd8abf4aa7c98d47a64133c19f 2007.1/x86_64/apache-mod_proxy-2.2.4-6.3mdv2007.1.x86_64.rpm\n 98957b99a54cb32d6ba055d5f059b7ec 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.x86_64.rpm\n 17b824837cf63210790e6201154cb94a 2007.1/x86_64/apache-mod_ssl-2.2.4-6.3mdv2007.1.x86_64.rpm\n 5a2d9f93603eebdde04f8967a07b063d 2007.1/x86_64/apache-mod_userdir-2.2.4-6.3mdv2007.1.x86_64.rpm\n 44f0ad99c93ae8905a2d32b799dc1520 2007.1/x86_64/apache-modules-2.2.4-6.3mdv2007.1.x86_64.rpm\n c5c469771e2f25683ddba3f694e28968 2007.1/x86_64/apache-mpm-event-2.2.4-6.3mdv2007.1.x86_64.rpm\n b691f2e760bdd30c797e46269842a437 2007.1/x86_64/apache-mpm-itk-2.2.4-6.3mdv2007.1.x86_64.rpm\n fa3551d06a7af5a31a040f90dd215a1d 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.3mdv2007.1.x86_64.rpm\n 8d2a09ba2b175cd36bbc0dc6dc4c18ea 2007.1/x86_64/apache-mpm-worker-2.2.4-6.3mdv2007.1.x86_64.rpm\n 7037cb86ca137f40364749a0933b432c 2007.1/x86_64/apache-source-2.2.4-6.3mdv2007.1.x86_64.rpm \n 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm\n\n Corporate 3.0:\n 5bbdb8ac0d8133c1b09d373cbe35f5ea corporate/3.0/i586/apache2-2.0.48-6.15.C30mdk.i586.rpm\n e14dfcec88913b5245d683502ff684d1 corporate/3.0/i586/apache2-common-2.0.48-6.15.C30mdk.i586.rpm\n 642b4136b2e2915db59801888b41d1e6 corporate/3.0/i586/apache2-devel-2.0.48-6.15.C30mdk.i586.rpm\n c8824d8aa09e4917f9b35b1c659b5181 corporate/3.0/i586/apache2-manual-2.0.48-6.15.C30mdk.i586.rpm\n 09af9e7945caec7163a12be1a14302ee corporate/3.0/i586/apache2-mod_cache-2.0.48-6.15.C30mdk.i586.rpm\n 374a782a9211ee321f31a4e716d6bb97 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.15.C30mdk.i586.rpm\n 88a31c94bc077aa0a91f000b839d4b69 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.15.C30mdk.i586.rpm\n 8e55a5d1949805b0a6a4f84d571ab4ff corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.i586.rpm\n 16b573b8a914ab130ac660cce8bddfdb corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.15.C30mdk.i586.rpm\n 68fdee10fc216a354849a6fc5d89e7cf corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.15.C30mdk.i586.rpm\n 9e75fe104df971a7a707efb0d6735288 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.i586.rpm\n 006f66a419a5f81085bc6fd74e4c1235 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.15.C30mdk.i586.rpm\n f0910407a4042202cec58ebdb74127d3 corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.15.C30mdk.i586.rpm\n 43578ffa09c88aa636c6df329cebe81a corporate/3.0/i586/apache2-modules-2.0.48-6.15.C30mdk.i586.rpm\n c5c8b21b0bbc8e57f81baa317ccba3f3 corporate/3.0/i586/apache2-source-2.0.48-6.15.C30mdk.i586.rpm\n f38fcbb77b956304d63d36ad7b003b05 corporate/3.0/i586/libapr0-2.0.48-6.15.C30mdk.i586.rpm \n aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52f3a65b7c0e82d517e66d4b176aa33e corporate/3.0/x86_64/apache2-2.0.48-6.15.C30mdk.x86_64.rpm\n b54119aca1142e9e9a848cbc18f2a5d0 corporate/3.0/x86_64/apache2-common-2.0.48-6.15.C30mdk.x86_64.rpm\n e5ac1fdacf86a8214105cc13d3c439aa corporate/3.0/x86_64/apache2-devel-2.0.48-6.15.C30mdk.x86_64.rpm\n 1bc73ab39962a806585f1c669b8c1f7e corporate/3.0/x86_64/apache2-manual-2.0.48-6.15.C30mdk.x86_64.rpm\n 87af39a3721856a710383cd51815fbaf corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n c03c3c1774c1baafaf44a4bb17ca74c6 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.15.C30mdk.x86_64.rpm\n 0ef802c1187c979d48db6ae4672fb21b corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.15.C30mdk.x86_64.rpm\n c7d6772332baffc85fd1472e018f5546 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n 45965308167632623ff93de397d4041d corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n 17e2a48cc23d7983351706745c7cd553 corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.15.C30mdk.x86_64.rpm\n 5b047d484852dd9a2000028d8dcfb7e6 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n a5f32074ec310263bc03648b81d44173 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.15.C30mdk.x86_64.rpm\n 79c4a90fa0ab3bfa8dbe9b12daeff4cd corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.15.C30mdk.x86_64.rpm\n 15af8e5591d5ff99f5c157a0c01d4174 corporate/3.0/x86_64/apache2-modules-2.0.48-6.15.C30mdk.x86_64.rpm\n 462316c74fff690d2e98116ddf614d54 corporate/3.0/x86_64/apache2-source-2.0.48-6.15.C30mdk.x86_64.rpm\n 20553b85bf243e5986af1a3551549ed8 corporate/3.0/x86_64/lib64apr0-2.0.48-6.15.C30mdk.x86_64.rpm \n aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm\n\n Corporate 4.0:\n 7d50fe1ac32dec6c4d57dd850950bdb1 corporate/4.0/i586/apache-base-2.2.3-1.2.20060mlcs4.i586.rpm\n 775785cf1a22f45a64d800fdfcc4a8bc corporate/4.0/i586/apache-devel-2.2.3-1.2.20060mlcs4.i586.rpm\n 79b64bb1793933f1c8b83e7eee2d4cfa corporate/4.0/i586/apache-htcacheclean-2.2.3-1.2.20060mlcs4.i586.rpm\n eac03081a34897376d542b7032dd03c2 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.i586.rpm\n 2c223bb1645aadfba8e6d1d6a2c8756c corporate/4.0/i586/apache-mod_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n e4c4c07473f9644fc146e2f4d9ce95c8 corporate/4.0/i586/apache-mod_dav-2.2.3-1.2.20060mlcs4.i586.rpm\n 13f85bc068b14e497873c6028520580a corporate/4.0/i586/apache-mod_dbd-2.2.3-1.2.20060mlcs4.i586.rpm\n aaa52a86e4a6d3e5322fa140edc5535a corporate/4.0/i586/apache-mod_deflate-2.2.3-1.2.20060mlcs4.i586.rpm\n 574e07826a89f78883f2cfb3ca224e8c corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n 451efb60480fd0680b6c4f955c46ccf4 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n 73fa350b85ea63a5b3f69d8d387474aa corporate/4.0/i586/apache-mod_ldap-2.2.3-1.2.20060mlcs4.i586.rpm\n d2364f995210cdbbe324df10d49bef98 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n 145b17e675a42bed7b3a8c5ee883cf45 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.2.20060mlcs4.i586.rpm\n 92b82835be476736295c15954f2a9eb6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.i586.rpm\n 0dd6c7df0e3ea475b6b2d50ef4aa5ac0 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.2.20060mlcs4.i586.rpm\n d579208689ec9a72a599bf3510bdf942 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.2.20060mlcs4.i586.rpm\n 6fd43dfcfc649c8bcd4692ba9ebeee07 corporate/4.0/i586/apache-modules-2.2.3-1.2.20060mlcs4.i586.rpm\n 9fbf1dde58f17e3f0f29a8c3f1e1b6b6 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.i586.rpm\n 72f26a52381b68a8bbc6e2fcc9c0ac8c corporate/4.0/i586/apache-mpm-worker-2.2.3-1.2.20060mlcs4.i586.rpm\n 99a935e7047a27043159b6555d3444c7 corporate/4.0/i586/apache-source-2.2.3-1.2.20060mlcs4.i586.rpm \n 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 35a789ac173ed3cc0dda52270a194bad corporate/4.0/x86_64/apache-base-2.2.3-1.2.20060mlcs4.x86_64.rpm\n e9df753a94dfb136780651ac743e50eb corporate/4.0/x86_64/apache-devel-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 3964c83541baaf5af0ccc828282a1954 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 554ea610010d5f361bcc87d75d8d0f6f corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 051c20e0f062d50a01c51ebad7dcb96d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 59a05bd258ba6b4729238885d2fc0273 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.2.20060mlcs4.x86_64.rpm\n ceb391b54796f3ea763b81c5085da16c corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 307726e1c4dfcca90093c19e3d17f504 corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 1500f6520843c6604192e4a621d5b9f1 corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n e0ac5eb68e21253d33928fa28f0acb25 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 21c68fdaf26b13ed2177bf458979df1e corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 28ef0171caf2d11cca8fe4f0bf2473db corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 019893e83acbfb730f79a8eb364ea042 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 202b1fc0dd2d9364530abbbb13f799b0 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 5cd3084106482b3f01b41cd716c702b8 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 6a18ec0935144ead6f037f41e852a892 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 622bb60b53fb48aef1b5a7fc94be3298 corporate/4.0/x86_64/apache-modules-2.2.3-1.2.20060mlcs4.x86_64.rpm\n f573d1aef5f29f14f8764fce5ea31a1d corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 842d5d6ef1c73fcb0b41b9ff18a75960 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 1cae994b8a6fb2d2aa9a803d7bb3178d corporate/4.0/x86_64/apache-source-2.2.3-1.2.20060mlcs4.x86_64.rpm \n 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 463f2a0de557bfcf7ae0655e5381b22f mnf/2.0/i586/apache2-2.0.48-6.16.M20mdk.i586.rpm\n 56117551a5480c85920263bcefb32c09 mnf/2.0/i586/apache2-common-2.0.48-6.16.M20mdk.i586.rpm\n c7496b0bb82f802cd8d17819ee1308bc mnf/2.0/i586/apache2-devel-2.0.48-6.16.M20mdk.i586.rpm\n 6be15ca61d9a7cc4cc4c7e4e55c4ffd1 mnf/2.0/i586/apache2-manual-2.0.48-6.16.M20mdk.i586.rpm\n 766a15298990769f14e5ad00745b9c7f mnf/2.0/i586/apache2-mod_cache-2.0.48-6.16.M20mdk.i586.rpm\n 21d7b83f3e1b80874c5c007c6659c470 mnf/2.0/i586/apache2-mod_dav-2.0.48-6.16.M20mdk.i586.rpm\n 417055a9758a47db50fcd7ec0a7d4047 mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.16.M20mdk.i586.rpm\n 90d4aa462e8edf12c52216fa4eeac6a1 mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.16.M20mdk.i586.rpm\n fbeb5bc02ada67198541cb4e1c2b1b27 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.16.M20mdk.i586.rpm\n 0f2e617217d9f418182ca89bab9703f0 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.16.M20mdk.i586.rpm\n 50e9dc2b73be1f0f3a45ca7da1adbcbf mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.16.M20mdk.i586.rpm\n 8352541a45d2c76ab840ca6f4b070ffb mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.16.M20mdk.i586.rpm\n 5744f88c6e59f26418f1f3f531f30734 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.16.M20mdk.i586.rpm\n 874dc6a00a02630401f7efeadc93935e mnf/2.0/i586/apache2-modules-2.0.48-6.16.M20mdk.i586.rpm\n efbd0f5ac6f292474d29f83d36bf86eb mnf/2.0/i586/apache2-source-2.0.48-6.16.M20mdk.i586.rpm\n 15bd1fcd65bd487b6fd5bba0a8ec530d mnf/2.0/i586/libapr0-2.0.48-6.16.M20mdk.i586.rpm \n 0e6b7bac08407b02457479763d27e885 mnf/2.0/SRPMS/apache2-2.0.48-6.16.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHVGk3mqjQ0CJFipgRAi2wAKCPuJzkUkyI8lcVRJ3Vu6IbvxMFrQCg3Qxf\nw5lEeF1m8B+hT513FJVA1po=\n=c4oi\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3847"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
}
],
"trust": 2.43
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-3847",
"trust": 3.3
},
{
"db": "BID",
"id": "25489",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "26636",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-3955",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3095",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3020",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3494",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27593",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26790",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27971",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27209",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26952",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27882",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26722",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018633",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-150A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-3847",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61459",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"id": "VAR-200708-0612",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2026-03-09T23:25:31.724000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1249"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897?viewlocale=ja_JP"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1249?viewlocale=ja_JP"
},
{
"title": "httpd-2.2.3-11.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=71"
},
{
"title": "HS07-039",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-039_e/index-e.html"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01182588"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02273.html"
},
{
"title": "PK55141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK55141"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "PK50469",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK50469"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "httpd (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1190"
},
{
"title": "httpd (V3.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1224"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2007:0746",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0746.html"
},
{
"title": "RHSA-2007:0747",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0747.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0005.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "HS07-039",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security/vuls/HS07-039/index.html"
},
{
"title": "RHSA-2007:0746",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0746J.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0005J.html"
},
{
"title": "RHSA-2007:0747",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0747J.html"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2007-3847: apache2 denial of service vulnerability (for threaded MPMs) in mod_proxy",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=0e9801bee76cc4795aeabe2ccbf7d7f4"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2007-3847 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/25489"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=apache-cvs\u0026m=118592992309395\u0026w=2"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-500.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk50469"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1710"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-september/msg00353.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:235"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0911.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0746.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0747.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018633"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26636"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26722"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26790"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26952"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27209"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27593"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27882"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27971"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg27007951"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3494"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3020"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3955"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3095"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01182588"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10525"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=118595556504202\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=118595953217856\u0026w=2"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/3020"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-150a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-150a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3847"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/26636/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-150a.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2007:0746"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2007:0747"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev\u0026m=118595556504202\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.info/?l=apache-"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2007-3847"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0602"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2008:0005"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250731"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2007:0911"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev\u0026m=118595953217856\u0026w=2"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg24017334"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg27010985#new"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg27004980#ver61"
},
{
"trust": 0.3,
"url": "/archive/1/482486"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0746.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0747.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0911.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2007-3847",
"ident": null
},
{
"db": "BID",
"id": "25489",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "63262",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60039",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "61459",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-3847",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2007-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3847",
"ident": null
},
{
"date": "2007-08-30T00:00:00",
"db": "BID",
"id": "25489",
"ident": null
},
{
"date": "2008-02-05T00:41:56",
"db": "PACKETSTORM",
"id": "63262",
"ident": null
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"date": "2007-10-12T04:41:53",
"db": "PACKETSTORM",
"id": "60039",
"ident": null
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"date": "2007-12-04T05:30:30",
"db": "PACKETSTORM",
"id": "61459",
"ident": null
},
{
"date": "2007-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-391",
"ident": null
},
{
"date": "2007-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000638",
"ident": null
},
{
"date": "2007-08-23T22:17:00",
"db": "NVD",
"id": "CVE-2007-3847",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3847",
"ident": null
},
{
"date": "2010-08-05T21:45:00",
"db": "BID",
"id": "25489",
"ident": null
},
{
"date": "2023-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-391",
"ident": null
},
{
"date": "2013-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000638",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-3847",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Apache HTTP Server of mod_proxy Service disruption in modules (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
}
],
"trust": 0.6
}
}
VAR-200110-0176
Vulnerability from variot - Updated: 2026-03-09 23:21Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340. This vulnerability may allow an attacker to forge RSA signatures. A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21996
VERIFY ADVISORY: http://secunia.com/advisories/21996/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Tavis Ormandy has reported some vulnerabilities in gzip, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can be used to modify certain stack data. tricking a user or automated system into unpacking a specially crafted archive file. tricking a user or automated system into unpacking a specially crafted "pack" archive file.
3) A buffer overflow within the "make_table()" function of gzip's LZH support can be exploited to cause a DoS and potentially to compromise a vulnerable system by e.g. tricking a user or automated system into unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and an infinite loop within the LZH handling can be exploited to cause a DoS by e.g. tricking a user or automated system into unpacking a specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5.
SOLUTION: Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES: US-CERT VU#554780: http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508: http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548: http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712: http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848 http://www.kb.cert.org/vuls/id/596848
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Background
The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as 'Mozilla Application Suite'. It is important to note that in the SeaMonkey email client, JavaScript is disabled by default.
This update provides the latest Firefox to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748 http://www.mozilla.org/security/announce/2006/mfsa2006-65.html http://www.mozilla.org/security/announce/2006/mfsa2006-66.html http://www.mozilla.org/security/announce/2006/mfsa2006-67.html
Updated Packages:
Mandriva Linux 2007.0: b91b0d758b80cd1e200d557954e0f439 2007.0/i586/deskbar-applet-2.16.0-3.1mdv2007.0.i586.rpm c69cea437a51263f156a883f28ba4cc4 2007.0/i586/devhelp-0.12-5.1mdv2007.0.i586.rpm 3b7c9bf926f63cac988f1ecc6fe21924 2007.0/i586/devhelp-plugins-0.12-5.1mdv2007.0.i586.rpm 45be37431714b21cdc3411d47cfc993b 2007.0/i586/epiphany-2.16.0-4.1mdv2007.0.i586.rpm 43475f16b335512313e36265297635e8 2007.0/i586/epiphany-devel-2.16.0-4.1mdv2007.0.i586.rpm c94a08e44366b583a7da5127fceaca16 2007.0/i586/epiphany-extensions-2.16.0-3.1mdv2007.0.i586.rpm 9fb4708c85d643a04b5487dbcf8a5d54 2007.0/i586/galeon-2.0.1-8.1mdv2007.0.i586.rpm c56127106df5a12e10973656d24c1a81 2007.0/i586/gnome-python-extras-2.14.2-6.1mdv2007.0.i586.rpm 846b0d6bec7d7624a5633f3e100b277f 2007.0/i586/gnome-python-gdl-2.14.2-6.1mdv2007.0.i586.rpm 4fd553ecbe4f3ae7ccc7b0901f2acb5c 2007.0/i586/gnome-python-gksu-2.14.2-6.1mdv2007.0.i586.rpm b109f4b0f8ffd6f3c42175e7d2e55789 2007.0/i586/gnome-python-gtkhtml2-2.14.2-6.1mdv2007.0.i586.rpm cb77cdfb4a195d0f119b2ab7cc5f14c9 2007.0/i586/gnome-python-gtkmozembed-2.14.2-6.1mdv2007.0.i586.rpm 742e895ca6feecf5156a9de6638e3be2 2007.0/i586/gnome-python-gtkspell-2.14.2-6.1mdv2007.0.i586.rpm 500510d8547749fbd54097f01bee92a8 2007.0/i586/libdevhelp-1_0-0.12-5.1mdv2007.0.i586.rpm 0cc3e9259cbb24f9862bf8fff6f00805 2007.0/i586/libdevhelp-1_0-devel-0.12-5.1mdv2007.0.i586.rpm 836629938d38b66e07ce7146c59bcfad 2007.0/i586/libmozilla-firefox1.5.0.8-1.5.0.8-1.1mdv2007.0.i586.rpm 885ed8e07e1bea07054574e02fadbeb9 2007.0/i586/libmozilla-firefox1.5.0.8-devel-1.5.0.8-1.1mdv2007.0.i586.rpm 0f6172194ca691de3c73e36e0f53c138 2007.0/i586/libnspr4-1.5.0.8-1.1mdv2007.0.i586.rpm 2ee2e689224d9e8cf5a546ac721723f0 2007.0/i586/libnspr4-devel-1.5.0.8-1.1mdv2007.0.i586.rpm 9027729bb27be1b4155a61d40acfad69 2007.0/i586/libnspr4-static-devel-1.5.0.8-1.1mdv2007.0.i586.rpm b22e001507090a91e85404730ce29cac 2007.0/i586/libnss3-1.5.0.8-1.1mdv2007.0.i586.rpm 5336661098db8f24270b842f1c224240 2007.0/i586/libnss3-devel-1.5.0.8-1.1mdv2007.0.i586.rpm f71a45af0db3336ee69754723812b685 2007.0/i586/libtotem-plparser1-2.16.1-2.1mdv2007.0.i586.rpm 3cabb1189288de5a3e56bcb0e10cc9e3 2007.0/i586/libtotem-plparser1-devel-2.16.1-2.1mdv2007.0.i586.rpm 1fa974233bf0aca855fdc317fe0dde6b 2007.0/i586/mozilla-firefox-1.5.0.8-1.1mdv2007.0.i586.rpm db5728ee5897673fb9e30ec5197662bf 2007.0/i586/mozilla-firefox-ar-1.5.0.8-1.1mdv2007.0.i586.rpm 02d9129452f5829c737657ad034470b4 2007.0/i586/mozilla-firefox-bg-1.5.0.8-1.1mdv2007.0.i586.rpm 7ee529b84ac1f3ca9f165bad8b2847d4 2007.0/i586/mozilla-firefox-br-1.5.0.8-1.1mdv2007.0.i586.rpm b6d1c5797bb91ca707759f73fecd15e8 2007.0/i586/mozilla-firefox-ca-1.5.0.8-1.1mdv2007.0.i586.rpm fcdd7a343fb41fe5f24de72248056834 2007.0/i586/mozilla-firefox-cs-1.5.0.8-1.1mdv2007.0.i586.rpm f19ce159de7d48f294488f643ad7bdf4 2007.0/i586/mozilla-firefox-da-1.5.0.8-1.1mdv2007.0.i586.rpm 4b27e9aa3ce6fe4e997da687eea53bbc 2007.0/i586/mozilla-firefox-de-1.5.0.8-1.1mdv2007.0.i586.rpm aaad0bfd4901285073a20bef2098cba9 2007.0/i586/mozilla-firefox-el-1.5.0.8-1.1mdv2007.0.i586.rpm edff07926737f59f8787e9937afa9b8a 2007.0/i586/mozilla-firefox-es-1.5.0.8-1.1mdv2007.0.i586.rpm 210d8c468009c721565e026296666395 2007.0/i586/mozilla-firefox-es_AR-1.5.0.8-1.1mdv2007.0.i586.rpm bdc0ba81bd408233afe07e2401e85352 2007.0/i586/mozilla-firefox-eu-1.5.0.8-1.1mdv2007.0.i586.rpm 06069ba3e43848aadcb72e6947994b87 2007.0/i586/mozilla-firefox-fi-1.5.0.8-1.1mdv2007.0.i586.rpm 5121b04fc402ed288c6cc69fd63390c9 2007.0/i586/mozilla-firefox-fr-1.5.0.8-1.1mdv2007.0.i586.rpm e012d0888e85efca0f6844dcde5425eb 2007.0/i586/mozilla-firefox-fy-1.5.0.8-1.1mdv2007.0.i586.rpm 9aa48833f1727776f299fbe44da6d640 2007.0/i586/mozilla-firefox-ga-1.5.0.8-1.1mdv2007.0.i586.rpm 9e4422078a1442d5da6f82819275f25f 2007.0/i586/mozilla-firefox-gu_IN-1.5.0.8-1.1mdv2007.0.i586.rpm 82a9d909d6c3291ae08c0cce71b44ae8 2007.0/i586/mozilla-firefox-he-1.5.0.8-1.1mdv2007.0.i586.rpm 7f2781630650b1545d55b37488978899 2007.0/i586/mozilla-firefox-hu-1.5.0.8-1.1mdv2007.0.i586.rpm 0493ee7667fefec6a3de55e935277945 2007.0/i586/mozilla-firefox-it-1.5.0.8-1.1mdv2007.0.i586.rpm 34c99eaffc8c81a1ca5fe9acd30cde21 2007.0/i586/mozilla-firefox-ja-1.5.0.8-1.1mdv2007.0.i586.rpm 85774cb7ee97e65dcb504c13ce724aee 2007.0/i586/mozilla-firefox-ko-1.5.0.8-1.1mdv2007.0.i586.rpm 2c49ee65c2445ee4786d2cb86d4429e8 2007.0/i586/mozilla-firefox-lt-1.5.0.8-1.1mdv2007.0.i586.rpm 67323c14122b6eb59e952248814109ad 2007.0/i586/mozilla-firefox-mk-1.5.0.8-1.1mdv2007.0.i586.rpm fec42dd3e26f97c6c1fccf81b91f8589 2007.0/i586/mozilla-firefox-nb-1.5.0.8-1.1mdv2007.0.i586.rpm ff411ab2378f14644688cd1320f57ea6 2007.0/i586/mozilla-firefox-nl-1.5.0.8-1.1mdv2007.0.i586.rpm b2df3df581175ae8864ec9a9e93775a7 2007.0/i586/mozilla-firefox-pa_IN-1.5.0.8-1.1mdv2007.0.i586.rpm 911a5970bd3761696b24e5d581c9a568 2007.0/i586/mozilla-firefox-pl-1.5.0.8-1.1mdv2007.0.i586.rpm ee6fbbbdbe58aed00f5ec227b3a92595 2007.0/i586/mozilla-firefox-pt-1.5.0.8-1.1mdv2007.0.i586.rpm d06fb1aed51e5e6a61674efcf3e51121 2007.0/i586/mozilla-firefox-pt_BR-1.5.0.8-1.1mdv2007.0.i586.rpm b9cf70e42a6db664db4be531a37f7081 2007.0/i586/mozilla-firefox-ro-1.5.0.8-1.1mdv2007.0.i586.rpm da8429df8cbab950a49ad4228ca6ccf3 2007.0/i586/mozilla-firefox-ru-1.5.0.8-1.1mdv2007.0.i586.rpm b423bdb3e2bebcabfe243fbbf0949eb4 2007.0/i586/mozilla-firefox-sk-1.5.0.8-1.1mdv2007.0.i586.rpm eb04f6705026d20c856d6e13e72f81cf 2007.0/i586/mozilla-firefox-sl-1.5.0.8-1.1mdv2007.0.i586.rpm 87640b95904f2312c7fae1f9f658d179 2007.0/i586/mozilla-firefox-sv-1.5.0.8-1.1mdv2007.0.i586.rpm 37931adaac825ccefd80ee8285374e94 2007.0/i586/mozilla-firefox-tr-1.5.0.8-1.1mdv2007.0.i586.rpm d64689cba4cf6937dac22efc5680874d 2007.0/i586/mozilla-firefox-uk-1.5.0.8-1.1mdv2007.0.i586.rpm 2fe43c1846f4e27e36f19d76c20c918d 2007.0/i586/mozilla-firefox-zh_CN-1.5.0.8-1.1mdv2007.0.i586.rpm ca54a9d6c8e2a6e0d532907538a44b01 2007.0/i586/mozilla-firefox-zh_TW-1.5.0.8-1.1mdv2007.0.i586.rpm 0353fb538eff1f7f1964650b08f223fb 2007.0/i586/totem-2.16.1-2.1mdv2007.0.i586.rpm e0b5fc2bbd3d70d139c3df0233e5b6ea 2007.0/i586/totem-common-2.16.1-2.1mdv2007.0.i586.rpm ac4a4d6ffbc72eeda3ac58ee9552cfa3 2007.0/i586/totem-gstreamer-2.16.1-2.1mdv2007.0.i586.rpm 76d609348d6b614f6d8fc2ed8c32441d 2007.0/i586/totem-mozilla-2.16.1-2.1mdv2007.0.i586.rpm decfb1f205b088d8674af45ac6a8aa2a 2007.0/i586/totem-mozilla-gstreamer-2.16.1-2.1mdv2007.0.i586.rpm 6c5f1b1c0c8e144a1e01bab350bdf125 2007.0/i586/yelp-2.16.0-2.1mdv2007.0.i586.rpm 01c2ab33db63e292029039474f459aae 2007.0/SRPMS/deskbar-applet-2.16.0-3.1mdv2007.0.src.rpm 5d9e32656fbb38c0c7343ebb0878146a 2007.0/SRPMS/devhelp-0.12-5.1mdv2007.0.src.rpm 0c2b87587f16838fa4a31a2c2a939cad 2007.0/SRPMS/epiphany-2.16.0-4.1mdv2007.0.src.rpm 32fa8d811ae52f9a4405894bdb5344ed 2007.0/SRPMS/epiphany-extensions-2.16.0-3.1mdv2007.0.src.rpm 7351e6dfda7596598f93c50f2ac06acf 2007.0/SRPMS/galeon-2.0.1-8.1mdv2007.0.src.rpm 55e77fdd797856bf73ae92b02105ae73 2007.0/SRPMS/gnome-python-extras-2.14.2-6.1mdv2007.0.src.rpm 83c301b1641404592346d332e2b24962 2007.0/SRPMS/mozilla-firefox-1.5.0.8-1.1mdv2007.0.src.rpm 4c88b90b47815b11763db6c6f60a08ad 2007.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-1.1mdv2007.0.src.rpm 659f3151e56585d2d35dcd11806dcc0c 2007.0/SRPMS/totem-2.16.1-2.1mdv2007.0.src.rpm cfff6d40ac58bc9c5bb5d20efd1a4e0a 2007.0/SRPMS/yelp-2.16.0-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 80851043dd92218983323ad1a9d93668 2007.0/x86_64/deskbar-applet-2.16.0-3.1mdv2007.0.x86_64.rpm f6e80f07ecf15b967d485dbcaa9f7e8c 2007.0/x86_64/devhelp-0.12-5.1mdv2007.0.x86_64.rpm 04a535f48452519eba13d00c97b11159 2007.0/x86_64/devhelp-plugins-0.12-5.1mdv2007.0.x86_64.rpm 9c6816b2d3599f1b381c7fba9527b340 2007.0/x86_64/epiphany-2.16.0-4.1mdv2007.0.x86_64.rpm 6a6b53599dfbbd3d27c8fda5e4cc2d1c 2007.0/x86_64/epiphany-devel-2.16.0-4.1mdv2007.0.x86_64.rpm 9ab9ca8ca14379996e532a2dade68f3a 2007.0/x86_64/epiphany-extensions-2.16.0-3.1mdv2007.0.x86_64.rpm f4b923e368b05c4ce7ebeff201e40265 2007.0/x86_64/galeon-2.0.1-8.1mdv2007.0.x86_64.rpm d2a1eea4906952103afc940c600a7f75 2007.0/x86_64/gnome-python-extras-2.14.2-6.1mdv2007.0.x86_64.rpm 62d428088816a83b120559f3f915c871 2007.0/x86_64/gnome-python-gdl-2.14.2-6.1mdv2007.0.x86_64.rpm b3ab1bcaed14b17bec6b43f82fb8fdad 2007.0/x86_64/gnome-python-gksu-2.14.2-6.1mdv2007.0.x86_64.rpm 942d7c7bb0f4cf3d64ac4fcf67cdd468 2007.0/x86_64/gnome-python-gtkhtml2-2.14.2-6.1mdv2007.0.x86_64.rpm 57543cedc85f4c33f87e1959d93eb0c9 2007.0/x86_64/gnome-python-gtkmozembed-2.14.2-6.1mdv2007.0.x86_64.rpm 69c4189877051a5252555453d25ae0f5 2007.0/x86_64/gnome-python-gtkspell-2.14.2-6.1mdv2007.0.x86_64.rpm 454ad59ac0495bd1d8cc413ef0fe6643 2007.0/x86_64/lib64devhelp-1_0-0.12-5.1mdv2007.0.x86_64.rpm f7867ec9589fa978f18f902e633810f3 2007.0/x86_64/lib64devhelp-1_0-devel-0.12-5.1mdv2007.0.x86_64.rpm 3116eecdec16bbadf00c6173b2471a0e 2007.0/x86_64/lib64mozilla-firefox1.5.0.8-1.5.0.8-1.1mdv2007.0.x86_64.rpm 69eba98dffdffa568175834600567101 2007.0/x86_64/lib64mozilla-firefox1.5.0.8-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm 0c2521c7efb4fa49631ddd57206870b7 2007.0/x86_64/lib64nspr4-1.5.0.8-1.1mdv2007.0.x86_64.rpm c1c80f43574c4c949429f4f012b1f5c8 2007.0/x86_64/lib64nspr4-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm 5351fd089034e5ed4e44e52d98752f86 2007.0/x86_64/lib64nspr4-static-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm 394fb954fb75c68a9ebbbd20a5b4cff6 2007.0/x86_64/lib64nss3-1.5.0.8-1.1mdv2007.0.x86_64.rpm 7ac1ec573542b20aada4abf4483a545e 2007.0/x86_64/lib64nss3-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm 79fc091b8555ad1566a23a08a6dc1173 2007.0/x86_64/lib64totem-plparser1-2.16.1-2.1mdv2007.0.x86_64.rpm b8c4befca901874d8092c1ae003ef25c 2007.0/x86_64/lib64totem-plparser1-devel-2.16.1-2.1mdv2007.0.x86_64.rpm b2dc7ad59e244330a96814c9d8e0212a 2007.0/x86_64/mozilla-firefox-1.5.0.8-1.1mdv2007.0.x86_64.rpm 7ce40b4a2bf93cd05686e118af4838c6 2007.0/x86_64/mozilla-firefox-ar-1.5.0.8-1.1mdv2007.0.x86_64.rpm c39542f4f59411271bb46baf5648cf60 2007.0/x86_64/mozilla-firefox-bg-1.5.0.8-1.1mdv2007.0.x86_64.rpm 1b8ff77c52dfaa869b0855fadb55f0f6 2007.0/x86_64/mozilla-firefox-br-1.5.0.8-1.1mdv2007.0.x86_64.rpm 3865dafd06ae1b38a9a6c4729b8446f5 2007.0/x86_64/mozilla-firefox-ca-1.5.0.8-1.1mdv2007.0.x86_64.rpm 1cfa510ed5cce13c5c087d3d5c2a82a1 2007.0/x86_64/mozilla-firefox-cs-1.5.0.8-1.1mdv2007.0.x86_64.rpm 48d1488dbd34e1e7c97e861891000251 2007.0/x86_64/mozilla-firefox-da-1.5.0.8-1.1mdv2007.0.x86_64.rpm 01a29973e5c74d794fcfaaad573ee8c6 2007.0/x86_64/mozilla-firefox-de-1.5.0.8-1.1mdv2007.0.x86_64.rpm a39500ca6eb0040c232e5ef5cf7a91d0 2007.0/x86_64/mozilla-firefox-el-1.5.0.8-1.1mdv2007.0.x86_64.rpm 375fb37154f945d9722d2e9ff3287de9 2007.0/x86_64/mozilla-firefox-es-1.5.0.8-1.1mdv2007.0.x86_64.rpm 46d2118a894bdbde59e14fa0681daab1 2007.0/x86_64/mozilla-firefox-es_AR-1.5.0.8-1.1mdv2007.0.x86_64.rpm e3cab8d2631fc9c76c901c669c677a85 2007.0/x86_64/mozilla-firefox-eu-1.5.0.8-1.1mdv2007.0.x86_64.rpm 19e20f44c093c5d401885f9f673db7c9 2007.0/x86_64/mozilla-firefox-fi-1.5.0.8-1.1mdv2007.0.x86_64.rpm 5dedc30b432e1e9236bd2d6639a1fb05 2007.0/x86_64/mozilla-firefox-fr-1.5.0.8-1.1mdv2007.0.x86_64.rpm 0c0ab629fe2067e5ee9988dae0f92cb6 2007.0/x86_64/mozilla-firefox-fy-1.5.0.8-1.1mdv2007.0.x86_64.rpm 870b3cfcf3a0fe0001d77f9cd6f07fdc 2007.0/x86_64/mozilla-firefox-ga-1.5.0.8-1.1mdv2007.0.x86_64.rpm 28bf3c7257b6e23805efc4386d5c520b 2007.0/x86_64/mozilla-firefox-gu_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm b6fdd904314ab62a67d521761ca83975 2007.0/x86_64/mozilla-firefox-he-1.5.0.8-1.1mdv2007.0.x86_64.rpm b35feb2b469f18ffb37fdb7ab631284c 2007.0/x86_64/mozilla-firefox-hu-1.5.0.8-1.1mdv2007.0.x86_64.rpm ecbdd5415283fc99cead2d1a2e30d7d7 2007.0/x86_64/mozilla-firefox-it-1.5.0.8-1.1mdv2007.0.x86_64.rpm 0b08708225efb7a1ad0e2a93efcaaecb 2007.0/x86_64/mozilla-firefox-ja-1.5.0.8-1.1mdv2007.0.x86_64.rpm 64f8dab64d7edacdd8dea9312f3bc371 2007.0/x86_64/mozilla-firefox-ko-1.5.0.8-1.1mdv2007.0.x86_64.rpm 190710b65f4a1cc46bdf26654bc97711 2007.0/x86_64/mozilla-firefox-lt-1.5.0.8-1.1mdv2007.0.x86_64.rpm 8ca2562da91458eccc590fc610dff9c4 2007.0/x86_64/mozilla-firefox-mk-1.5.0.8-1.1mdv2007.0.x86_64.rpm bcf462e1a0eec021e9aab03fb7480f76 2007.0/x86_64/mozilla-firefox-nb-1.5.0.8-1.1mdv2007.0.x86_64.rpm d2fbfeed3c54958b05d13fac09c173c6 2007.0/x86_64/mozilla-firefox-nl-1.5.0.8-1.1mdv2007.0.x86_64.rpm b8cef648a1529759b7b2a70b915eca38 2007.0/x86_64/mozilla-firefox-pa_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm 05feec907328879bb87f3bc28b9d248f 2007.0/x86_64/mozilla-firefox-pl-1.5.0.8-1.1mdv2007.0.x86_64.rpm df425a9aba8146cba8905bfe460cb862 2007.0/x86_64/mozilla-firefox-pt-1.5.0.8-1.1mdv2007.0.x86_64.rpm 5b3fe1c5ee087b003269049d68f3ee13 2007.0/x86_64/mozilla-firefox-pt_BR-1.5.0.8-1.1mdv2007.0.x86_64.rpm 08a2711a6f6117158630f60500ae5986 2007.0/x86_64/mozilla-firefox-ro-1.5.0.8-1.1mdv2007.0.x86_64.rpm dd8348feec156ef4ae500129e212b044 2007.0/x86_64/mozilla-firefox-ru-1.5.0.8-1.1mdv2007.0.x86_64.rpm 68faaf2302efde9c04bc63d481be7467 2007.0/x86_64/mozilla-firefox-sk-1.5.0.8-1.1mdv2007.0.x86_64.rpm ad0f25da8b2331ea10eced98a902ce3a 2007.0/x86_64/mozilla-firefox-sl-1.5.0.8-1.1mdv2007.0.x86_64.rpm d68781b83b403363063d96df642d83c7 2007.0/x86_64/mozilla-firefox-sv-1.5.0.8-1.1mdv2007.0.x86_64.rpm 120fe382a40f46677aa7e07672af6e8e 2007.0/x86_64/mozilla-firefox-tr-1.5.0.8-1.1mdv2007.0.x86_64.rpm 58271805cec18b640c478662226aa4c2 2007.0/x86_64/mozilla-firefox-uk-1.5.0.8-1.1mdv2007.0.x86_64.rpm 1c64c9af61a9a9c101dc8339746d29a0 2007.0/x86_64/mozilla-firefox-zh_CN-1.5.0.8-1.1mdv2007.0.x86_64.rpm 7b62a0cd4b6f22710f5dea490c69cd77 2007.0/x86_64/mozilla-firefox-zh_TW-1.5.0.8-1.1mdv2007.0.x86_64.rpm a349937cee9565d010122b8dfe81da94 2007.0/x86_64/totem-2.16.1-2.1mdv2007.0.x86_64.rpm 3672074a8d7a1f064b5a783a583d4da7 2007.0/x86_64/totem-common-2.16.1-2.1mdv2007.0.x86_64.rpm 361606c2139028e96419a7c57c50dd9a 2007.0/x86_64/totem-gstreamer-2.16.1-2.1mdv2007.0.x86_64.rpm 7a50ef64653d6a9b78a5cdc278b4bcfa 2007.0/x86_64/totem-mozilla-2.16.1-2.1mdv2007.0.x86_64.rpm 361bf8fcba11cc9ddab784a0e3c9706d 2007.0/x86_64/totem-mozilla-gstreamer-2.16.1-2.1mdv2007.0.x86_64.rpm a58c9e43565011c27bb5d727d0d071e8 2007.0/x86_64/yelp-2.16.0-2.1mdv2007.0.x86_64.rpm 01c2ab33db63e292029039474f459aae 2007.0/SRPMS/deskbar-applet-2.16.0-3.1mdv2007.0.src.rpm 5d9e32656fbb38c0c7343ebb0878146a 2007.0/SRPMS/devhelp-0.12-5.1mdv2007.0.src.rpm 0c2b87587f16838fa4a31a2c2a939cad 2007.0/SRPMS/epiphany-2.16.0-4.1mdv2007.0.src.rpm 32fa8d811ae52f9a4405894bdb5344ed 2007.0/SRPMS/epiphany-extensions-2.16.0-3.1mdv2007.0.src.rpm 7351e6dfda7596598f93c50f2ac06acf 2007.0/SRPMS/galeon-2.0.1-8.1mdv2007.0.src.rpm 55e77fdd797856bf73ae92b02105ae73 2007.0/SRPMS/gnome-python-extras-2.14.2-6.1mdv2007.0.src.rpm 83c301b1641404592346d332e2b24962 2007.0/SRPMS/mozilla-firefox-1.5.0.8-1.1mdv2007.0.src.rpm 4c88b90b47815b11763db6c6f60a08ad 2007.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-1.1mdv2007.0.src.rpm 659f3151e56585d2d35dcd11806dcc0c 2007.0/SRPMS/totem-2.16.1-2.1mdv2007.0.src.rpm cfff6d40ac58bc9c5bb5d20efd1a4e0a 2007.0/SRPMS/yelp-2.16.0-2.1mdv2007.0.src.rpm
Corporate 3.0: e9c20691dca1541a9ca1410554d8860d corporate/3.0/i586/libnspr4-1.5.0.8-0.1.C30mdk.i586.rpm 2d7eb84862b6c15cb765095290bc55be corporate/3.0/i586/libnspr4-devel-1.5.0.8-0.1.C30mdk.i586.rpm 3ba8dd79e1593e672f33107631d84e4a corporate/3.0/i586/libnspr4-static-devel-1.5.0.8-0.1.C30mdk.i586.rpm 827734706e6af0fb0402dcbc57f677a6 corporate/3.0/i586/libnss3-1.5.0.8-0.1.C30mdk.i586.rpm 0e16702e278ff43264ed7069ff31a59b corporate/3.0/i586/libnss3-devel-1.5.0.8-0.1.C30mdk.i586.rpm 15674f3f327a0860c0feffc89dcc8c45 corporate/3.0/i586/mozilla-firefox-1.5.0.8-0.1.C30mdk.i586.rpm fa5318afe39b796670cd0ab0410cdc4b corporate/3.0/i586/mozilla-firefox-ar-1.5.0.8-0.1.C30mdk.i586.rpm 4d9dca29468193ef164eb5d3dd852370 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.8-0.1.C30mdk.i586.rpm 3f049db808da48baeeec58f836e4cd66 corporate/3.0/i586/mozilla-firefox-br-1.5.0.8-0.1.C30mdk.i586.rpm f63860a2a8c7a314fd3eb8b3fa7da20b corporate/3.0/i586/mozilla-firefox-ca-1.5.0.8-0.1.C30mdk.i586.rpm 6f1b26e0fa8f93cc8147006df4cdc76f corporate/3.0/i586/mozilla-firefox-cs-1.5.0.8-0.1.C30mdk.i586.rpm 7a0738e2c91215dadc79e375040530ef corporate/3.0/i586/mozilla-firefox-da-1.5.0.8-0.1.C30mdk.i586.rpm 764108d488fe48455d856ff67b407056 corporate/3.0/i586/mozilla-firefox-de-1.5.0.8-0.1.C30mdk.i586.rpm b20e8871620a89f08b95f01a568da207 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.8-0.1.C30mdk.i586.rpm c462bce9ea56a861a036c3b814d978a4 corporate/3.0/i586/mozilla-firefox-el-1.5.0.8-0.1.C30mdk.i586.rpm 9feed3de38ac8e209030c07197432bac corporate/3.0/i586/mozilla-firefox-es-1.5.0.8-0.1.C30mdk.i586.rpm 14214019c8d4f5a98639d3c38aa851d2 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.8-0.1.C30mdk.i586.rpm f3795974e5a4931378e0b974cd177248 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.8-0.1.C30mdk.i586.rpm 79c37baa0cdc11d93605a8cb2cea005e corporate/3.0/i586/mozilla-firefox-fi-1.5.0.8-0.1.C30mdk.i586.rpm 3a0f6e44d1c19a37ef19874919ceed39 corporate/3.0/i586/mozilla-firefox-fr-1.5.0.8-0.1.C30mdk.i586.rpm b0a19b03ec982f5d9db5f67a7aaa7363 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.8-0.1.C30mdk.i586.rpm 80a06d2f1788ed174e385abc55eb3051 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.8-0.1.C30mdk.i586.rpm 9bca565677ded374c572c1ec4678ff30 corporate/3.0/i586/mozilla-firefox-gu_IN-1.5.0.8-0.1.C30mdk.i586.rpm 4928af899e49f32c716fbe9c2ac85dda corporate/3.0/i586/mozilla-firefox-he-1.5.0.8-0.1.C30mdk.i586.rpm d014b763538d2dfbea52fa20bcbaa98a corporate/3.0/i586/mozilla-firefox-hu-1.5.0.8-0.1.C30mdk.i586.rpm f42a5f2c796542eed3fcbf7551d32847 corporate/3.0/i586/mozilla-firefox-it-1.5.0.8-0.1.C30mdk.i586.rpm 8e76658aba8fefe0b8ec693c67285b5f corporate/3.0/i586/mozilla-firefox-ja-1.5.0.8-0.1.C30mdk.i586.rpm 0f4f0e40655aed7ace4a0e051fc823f3 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.8-0.1.C30mdk.i586.rpm e1ecef228b514caddce72529d900b05f corporate/3.0/i586/mozilla-firefox-lt-1.5.0.8-0.1.C30mdk.i586.rpm 1b4a0afc69e2590c5e20520bc84ed06e corporate/3.0/i586/mozilla-firefox-mk-1.5.0.8-0.1.C30mdk.i586.rpm cb134936baa5ee67377769999ea287fe corporate/3.0/i586/mozilla-firefox-nb-1.5.0.8-0.1.C30mdk.i586.rpm 578f14a4978f05a080f25d47c5a8e622 corporate/3.0/i586/mozilla-firefox-nl-1.5.0.8-0.1.C30mdk.i586.rpm e8d5043f825abdfbb4f13d25d41e5ef7 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.8-0.1.C30mdk.i586.rpm 6df93a7969b4067886408ea930396996 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.8-0.1.C30mdk.i586.rpm c3a9a9eddcd1ec358028a26c3d006250 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.8-0.1.C30mdk.i586.rpm 25d505054fc99454df1865bf121c155f corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.8-0.1.C30mdk.i586.rpm 0ff148c48951ffa94d2a6bfdcb766ec8 corporate/3.0/i586/mozilla-firefox-ro-1.5.0.8-0.1.C30mdk.i586.rpm 04ab3e6e9963a7b86716be7b14baa5af corporate/3.0/i586/mozilla-firefox-ru-1.5.0.8-0.1.C30mdk.i586.rpm 3ada50ce8ecf2126814db37880c992f2 corporate/3.0/i586/mozilla-firefox-sk-1.5.0.8-0.1.C30mdk.i586.rpm 4a66117b50427bc2aa2839111b7ab638 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.8-0.1.C30mdk.i586.rpm 6439f21230de80d007347d35b96e2797 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.8-0.1.C30mdk.i586.rpm eeda1db56835e2ba3b74eff551360fb6 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.8-0.1.C30mdk.i586.rpm 12f8d54646eafff347eeacac23a47b8d corporate/3.0/i586/mozilla-firefox-uk-1.5.0.8-0.1.C30mdk.i586.rpm 1e47c896b6401e714a409ea34dc005ea corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.8-0.1.C30mdk.i586.rpm 9bdebb599b7ef9d63c5e0f589ce6567d corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.8-0.1.C30mdk.i586.rpm 86b4b1bfc9b8a084cad7ee7d46be291b corporate/3.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.C30mdk.src.rpm 2f0e72d3924aff74bc9a55a41b44f60f corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.C30mdk.src.rpm
Corporate 3.0/X86_64: e41213dc5c63b46a3917bd2b6fdf6b26 corporate/3.0/x86_64/lib64nspr4-1.5.0.8-0.1.C30mdk.x86_64.rpm 363650fb4785c9aa32a17d308ab85fbe corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm 9f775b9a58d3553e813cbc3a2c6c859c corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm 44539ac13c8e371ee870f96f03f89bfc corporate/3.0/x86_64/lib64nss3-1.5.0.8-0.1.C30mdk.x86_64.rpm 2c490eb3dfbe2e56b4e2ff479e48fe03 corporate/3.0/x86_64/lib64nss3-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm f26042362f1e2f8455c9199f9d9d4f4b corporate/3.0/x86_64/mozilla-firefox-1.5.0.8-0.1.C30mdk.x86_64.rpm 44b63c9d73c9070351da9656a1bc8e40 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.8-0.1.C30mdk.x86_64.rpm 4d3c868d4001fbfc3d95d6245eae0c6f corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.8-0.1.C30mdk.x86_64.rpm 400cfc94d7a111147e97f3373d4af37b corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.8-0.1.C30mdk.x86_64.rpm 1aa20a7377c52bdb860f5192d6d5d2a3 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.8-0.1.C30mdk.x86_64.rpm a6dace88a4772e17536cbb6805539379 corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.8-0.1.C30mdk.x86_64.rpm cf1715ff43e1226b6880c0547194070d corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.8-0.1.C30mdk.x86_64.rpm ae5c0718f9fc85a7666b53d355a1fac4 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.8-0.1.C30mdk.x86_64.rpm 92c3c4477e3310a70f1cff09a7b5c6c7 corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm 48220b6c5f543dccb50f75e7eb0ab72d corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.8-0.1.C30mdk.x86_64.rpm eb7dc2896ee4936d565d91c050ff7b03 corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.8-0.1.C30mdk.x86_64.rpm 4c2b296ed6b27d552549be92077c1f72 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.8-0.1.C30mdk.x86_64.rpm a77469216f5d9774a2540c6142023596 corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.8-0.1.C30mdk.x86_64.rpm 6a2729173eb1b8964017258bf5183b20 corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.8-0.1.C30mdk.x86_64.rpm c543760efaaa21393a736dfbc69d8564 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.8-0.1.C30mdk.x86_64.rpm 47a1bf39777d2a0f15afbac99c95e488 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.8-0.1.C30mdk.x86_64.rpm ed9cd505277126d4b0666dc50180843c corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.8-0.1.C30mdk.x86_64.rpm 5b491a1ab10b5344287af12bb23ca2ec corporate/3.0/x86_64/mozilla-firefox-gu_IN-1.5.0.8-0.1.C30mdk.x86_64.rpm bba60554281d8e66eb12c7e2f1c286eb corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.8-0.1.C30mdk.x86_64.rpm 499df4d089285c7347f7796526cdeed8 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.8-0.1.C30mdk.x86_64.rpm 0590b36a3507d20a1554a921f2df290e corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.8-0.1.C30mdk.x86_64.rpm 1090726474a874691c600de1ff3d7fe4 corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.8-0.1.C30mdk.x86_64.rpm f1854c1973d2067aeb47717e02e1b978 corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.8-0.1.C30mdk.x86_64.rpm 66281573f2dfbb13247b4efd83c5eac9 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.8-0.1.C30mdk.x86_64.rpm bf8ffc3d1ca00b9aa9c3da330d0894f9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.8-0.1.C30mdk.x86_64.rpm 0730fcca475a3ccf41bdcd5a5b381704 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.8-0.1.C30mdk.x86_64.rpm c2efc6cc73f5e10cf13f8640295dbec5 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.8-0.1.C30mdk.x86_64.rpm e93489555defa4d394a07d7c3be044e9 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.8-0.1.C30mdk.x86_64.rpm 5c3d5d884c5f1e198fd0dcb0ea35b53b corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.8-0.1.C30mdk.x86_64.rpm b4fa89a62c4a3f75d7329d2c61829249 corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.8-0.1.C30mdk.x86_64.rpm 98b5d2228cfe87430979350dede26382 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.8-0.1.C30mdk.x86_64.rpm 121bb72512fe0cb739a8dfea2cb77334 corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.8-0.1.C30mdk.x86_64.rpm 6690c024983dc636337c330a14d18f9b corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.8-0.1.C30mdk.x86_64.rpm c4f5525868b98ccfd265fb078e026c41 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.8-0.1.C30mdk.x86_64.rpm c5732b363604b60387260935eb3d6ad1 corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.8-0.1.C30mdk.x86_64.rpm 215eedd08847949966f593fbc652866e corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.8-0.1.C30mdk.x86_64.rpm e8b937a222ebbee6497e8679832aa4c8 corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.8-0.1.C30mdk.x86_64.rpm 82416aec298b336154c6fdf780563623 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.8-0.1.C30mdk.x86_64.rpm 5229c9bdb1da356f715dadc18939783d corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.8-0.1.C30mdk.x86_64.rpm 04150ecca5dbfe244090af9cccd076ed corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.8-0.1.C30mdk.x86_64.rpm 86b4b1bfc9b8a084cad7ee7d46be291b corporate/3.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.C30mdk.src.rpm 2f0e72d3924aff74bc9a55a41b44f60f corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.C30mdk.src.rpm
Corporate 4.0: 088124d1ec139440c91f40f6259d60f7 corporate/4.0/i586/libnspr4-1.5.0.8-0.1.20060mlcs4.i586.rpm 4935d71a7f50c711f7061da070e452c3 corporate/4.0/i586/libnspr4-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm f95cb35be57af2fcc1011d712b830b91 corporate/4.0/i586/libnspr4-static-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm c68520b4ad039d1d03930ed225bd3dc7 corporate/4.0/i586/libnss3-1.5.0.8-0.1.20060mlcs4.i586.rpm a2ffb796cabd43984cc00f26a048b44b corporate/4.0/i586/libnss3-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm ba7e80138f2678ae6951c5aa8c609356 corporate/4.0/i586/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.i586.rpm db5bde23f45cabf3d8eb575e1366a373 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.8-0.1.20060mlcs4.i586.rpm 0cf58005ddcc3024988abe09210c062c corporate/4.0/i586/mozilla-firefox-bg-1.5.0.8-0.1.20060mlcs4.i586.rpm 585ab33b50a390dc9f3ea1d40c7133cc corporate/4.0/i586/mozilla-firefox-br-1.5.0.8-0.1.20060mlcs4.i586.rpm 74f91ca40bc294828604faf640c97dc5 corporate/4.0/i586/mozilla-firefox-ca-1.5.0.8-0.1.20060mlcs4.i586.rpm 44c6d74403d8b35d65a1a1c25c98beda corporate/4.0/i586/mozilla-firefox-cs-1.5.0.8-0.1.20060mlcs4.i586.rpm 4203e096f8f6bee19998ce6b3ddb3eb2 corporate/4.0/i586/mozilla-firefox-da-1.5.0.8-0.1.20060mlcs4.i586.rpm 01d38722c97ac1fc18d062665aec4ef7 corporate/4.0/i586/mozilla-firefox-de-1.5.0.8-0.1.20060mlcs4.i586.rpm 8ebaa2edb49e3feec867225959494c85 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm c4749e3562d63e15430e21d0dd9a7215 corporate/4.0/i586/mozilla-firefox-el-1.5.0.8-0.1.20060mlcs4.i586.rpm 877eed1cb682f64f9a2b9ef2f4257e34 corporate/4.0/i586/mozilla-firefox-es-1.5.0.8-0.1.20060mlcs4.i586.rpm c73011439b0c874d3be5a207c8182689 corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.8-0.1.20060mlcs4.i586.rpm 7370aadeeaf66b52058594037146b4f4 corporate/4.0/i586/mozilla-firefox-eu-1.5.0.8-0.1.20060mlcs4.i586.rpm 832e859a8b62126a77dfeb7b8086d21c corporate/4.0/i586/mozilla-firefox-fi-1.5.0.8-0.1.20060mlcs4.i586.rpm 02e7fed06cce9eb2e8ead70ff6c2aa49 corporate/4.0/i586/mozilla-firefox-fr-1.5.0.8-0.1.20060mlcs4.i586.rpm 9338908202a07748f8ce6eb262eb7865 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.8-0.1.20060mlcs4.i586.rpm 7b4b941ac54ed8dcd70d48d6945b158e corporate/4.0/i586/mozilla-firefox-ga-1.5.0.8-0.1.20060mlcs4.i586.rpm 3b06ebef8316fbec787b73e4506dd1bd corporate/4.0/i586/mozilla-firefox-gu_IN-1.5.0.8-0.1.20060mlcs4.i586.rpm cf225d052aa0ef653c1038db6c485eb1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.8-0.1.20060mlcs4.i586.rpm 7034f3d156e4e78e729f148cc8f2bf69 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.8-0.1.20060mlcs4.i586.rpm e2dbd8037553ba7727d715000440f43a corporate/4.0/i586/mozilla-firefox-it-1.5.0.8-0.1.20060mlcs4.i586.rpm ac4472ae342aa2dce68239402dfd12ea corporate/4.0/i586/mozilla-firefox-ja-1.5.0.8-0.1.20060mlcs4.i586.rpm 87da0b6c52d5c066a43dd62bb3849970 corporate/4.0/i586/mozilla-firefox-ko-1.5.0.8-0.1.20060mlcs4.i586.rpm 0c7d6aa08b63a3c24c33ffa3cdc592a7 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.8-0.1.20060mlcs4.i586.rpm 5b85537051503f852604a9a32cdd388b corporate/4.0/i586/mozilla-firefox-mk-1.5.0.8-0.1.20060mlcs4.i586.rpm 873c8a9ccab7a3f0b3ea5eb649ed5647 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.8-0.1.20060mlcs4.i586.rpm 1ef55e1d5c7c498bd4ed8323e9bbf4a7 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.8-0.1.20060mlcs4.i586.rpm c62cc43b661fc61658c630f4000e124f corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.8-0.1.20060mlcs4.i586.rpm 1a2aacf34a5b39c34aefdd38579f0c3c corporate/4.0/i586/mozilla-firefox-pl-1.5.0.8-0.1.20060mlcs4.i586.rpm bbd43b6930ed48a19d8e623b7f70efcd corporate/4.0/i586/mozilla-firefox-pt-1.5.0.8-0.1.20060mlcs4.i586.rpm 71bc48ed5b8dc6404f7ae3af9fa9b841 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.8-0.1.20060mlcs4.i586.rpm 14a8e53126599ced68d931f38fecf1bf corporate/4.0/i586/mozilla-firefox-ro-1.5.0.8-0.1.20060mlcs4.i586.rpm e60329757a9ffe3b27c7be5a214c4ed3 corporate/4.0/i586/mozilla-firefox-ru-1.5.0.8-0.1.20060mlcs4.i586.rpm cabedd45cd2a0d3d1015499269ea98b4 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.8-0.1.20060mlcs4.i586.rpm ea1422e5b3266ef79aa8f5f462438d69 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.8-0.1.20060mlcs4.i586.rpm 598e8f43608641c737bec8617e26c832 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.8-0.1.20060mlcs4.i586.rpm 93c3f8e73ef4522850485008acaf4bed corporate/4.0/i586/mozilla-firefox-tr-1.5.0.8-0.1.20060mlcs4.i586.rpm f59b22a253f53c8f252e0b77629597c1 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.8-0.1.20060mlcs4.i586.rpm 3007ea5ed5980a2b1ddeaefdea33638b corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.8-0.1.20060mlcs4.i586.rpm c503fd11f3664f863aced8cfe44f6b82 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.8-0.1.20060mlcs4.i586.rpm ec0dee65b1a8045682b753c6e952e84f corporate/4.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.src.rpm 3891c87832bbe8586a5a89635d17aac4 corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 813367131571fd2de6015d97fcdbd96c corporate/4.0/x86_64/lib64nspr4-1.5.0.8-0.1.20060mlcs4.x86_64.rpm bd8eac475b3e616d7727f78870838e2a corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 262c97f8a4a11b4e1d05a3c79106920b corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 4eb7982644b66cdb045c941e96f0ba6b corporate/4.0/x86_64/lib64nss3-1.5.0.8-0.1.20060mlcs4.x86_64.rpm e447d521d2cadf03456b6cf47f204e27 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 870e49d6e0a0e8d328ea8588968377d4 corporate/4.0/x86_64/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.x86_64.rpm fe479bec573c685eb5a524d43e034e4b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.8-0.1.20060mlcs4.x86_64.rpm e3b17bdb5a04725d06feb9eaaed5bb13 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 81141ec8733b0b1ddb6a03683438da92 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 99cdba287d60a5fcbc725e6a1411c88c corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.8-0.1.20060mlcs4.x86_64.rpm e0f7a0e82af8c8494662d3fa19140e79 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 1f6bc24ee3bef8182d00ab4df69ec387 corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.8-0.1.20060mlcs4.x86_64.rpm b0f068ede8420a34af18c171a40aace4 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.8-0.1.20060mlcs4.x86_64.rpm c80d12106c9d5ae6d39d595bb7629a9c corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm f44b29e064accac25bbf1c75ec7cf872 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 46898ed5ce7833e13a14a204df199007 corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.8-0.1.20060mlcs4.x86_64.rpm f7fa4cf4d55ebad18a3f64ed8da661c3 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 136ab61e9aabbaea966f6b125924140b corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.8-0.1.20060mlcs4.x86_64.rpm a56c87ce3b17e6a050881fe8af67376a corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 2eae3fa8406ac770bba2ffd4e0f765d0 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 421b50805708b0d890b8029be9feeb3a corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.8-0.1.20060mlcs4.x86_64.rpm bb0f4306a08c3f07c06479300ac9c567 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.8-0.1.20060mlcs4.x86_64.rpm a2752a4d34292e1fdacf2e440387e28c corporate/4.0/x86_64/mozilla-firefox-gu_IN-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 4b462b990bb29314aa8180626dde2d8e corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 1e396247f146937bb355d781ed30028a corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 93a8f58e7cae5a88a408f344e56f8902 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 2c1b403e5617e1caec3e4c6a7263a23c corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 4b1842dc6355dac2a3dbadcf7b244cd5 corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 8612355da8a17943f31407e637fa89b2 corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 3ec1a46602a49430424a4830c7a4e14e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 5ca60240a7ff1dd097438d347cfd194d corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 7012d72f8d7382bf92bacfd52d5a16b3 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.8-0.1.20060mlcs4.x86_64.rpm dc805f1226cea17a507e8937232dae90 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.8-0.1.20060mlcs4.x86_64.rpm e30d1aa794d2992fd2ccd1f9b1ac7652 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.8-0.1.20060mlcs4.x86_64.rpm cdaff2ff2cec4e31720d5b422b3d9153 corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 7fabe48a3d3b30bfb0015cfa51a27e63 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.8-0.1.20060mlcs4.x86_64.rpm edeec031bcc3e355b1264004f89d240e corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 9fec0a083306fdbc113a12257cc700c4 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.8-0.1.20060mlcs4.x86_64.rpm b7f87f9b0172b016bf20a6d628c528d8 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 1ca27fa5f612d9e08090ea312b08cd39 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 449fcb7d04b8a863e873bb473b9c0f53 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 3433a53ecd5123499f9c58b88dc15c80 corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 70e009f2f21dd5a95f2a56a5c183f36e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.8-0.1.20060mlcs4.x86_64.rpm 53336d37c8f78fdf3bbea2f9c0ace96f corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.8-0.1.20060mlcs4.x86_64.rpm e9e5543570a71f0af3a1a4ea584a2721 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.8-0.1.20060mlcs4.x86_64.rpm ec0dee65b1a8045682b753c6e952e84f corporate/4.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.src.rpm 3891c87832bbe8586a5a89635d17aac4 corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFU4rymqjQ0CJFipgRAhpNAJ9eoApPOTg7tYSCQ+sPHT7pAQ/a+gCfcIms mnmaHXjuuaXW/n2k7ghGaGE= =gsi7 -----END PGP SIGNATURE-----
.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA06-333A
Apple Releases Security Update to Address Multiple Vulnerabilities
Original release date: November 29, 2006 Last revised: -- Source: US-CERT
Systems Affected
* Apple Mac OS X version 10.3.x and 10.4.x
* Apple Mac OS X Server version 10.3.x and 10.4.x
* Apple Safari web browser
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple has released Security Update 2006-007 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.
I. Description
Apple Security Update 2006-007 addresses a number of vulnerabilities affecting Mac OS X, OS X Server, Safari web browser, and other products. Further details are available in the related vulnerability notes.
This security update also addresses previously known vulnerabilities in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL vulnerabilities page. Information about the vulnerabilities in gzip is available in a series of vulnerability notes.
II. Impact
The impacts of these vulnerabilities vary. For specific details, see the appropriate vulnerability notes. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. Solution
Install updates
Install Apple Security Update 2006-007.
IV. References
* Vulnerability Notes for Apple Security Update 2006-007 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>
* Vulnerability Notes for OpenSSL Security Advisory [28th September
2006] -
http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928
* Vulnerability Note VU#845620 -
<http://www.kb.cert.org/vuls/id/845620>
* Vulnerability Note VU#933712 -
<http://www.kb.cert.org/vuls/id/933712>
* Vulnerability Note VU#381508 -
<http://www.kb.cert.org/vuls/id/381508>
* Vulnerability Note VU#554780 -
<http://www.kb.cert.org/vuls/id/554780>
* Vulnerability Note VU#596848 -
<http://www.kb.cert.org/vuls/id/596848>
* Vulnerability Note VU#773548 -
<http://www.kb.cert.org/vuls/id/773548>
* About the security content of Security Update 2006-007 -
<http://docs.info.apple.com/article.html?artnum=304829>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Apple Downloads - <http://www.apple.com/support/downloads/>
* OpenSSL: OpenSSL vulnerabilities -
<http://www.openssl.org/news/vulnerabilities.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-333A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA06-333A Feedback VU#191336" in the subject.
Produced 2006 by US-CERT, a government organization.
Terms of use:
http://www.us-cert.gov/legal.html
Revision History
November 29, 2006: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6 lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7 xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf 8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg== =f7N+ -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1224-1 security@debian.org http://www.debian.org/security/ Martin Schulze December 3rd, 2006 http://www.debian.org/security/faq
Package : mozilla Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2006-4310 CVE-2006-5462 CVE-2006-5463 CVE-2006-5464 CVE-2006-5748 CERT advisories: VU#335392 VU#390480 VU#495288 VU#714496 BugTraq IDs : 19678 20957
Several security related problems have been discovered in Mozilla and derived products. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:
CVE-2006-4310
Tomas Kempinsky discovered that malformed FTP server responses
could lead to denial of service.
CVE-2006-5462
Ulrich K\xfchn discovered that the correction for a cryptographic
flaw in the handling of PKCS-1 certificates was incomplete, which
allows the forgery of certificates.
CVE-2006-5463
"shutdown" discovered that modification of JavaScript objects
during execution could lead to the execution of arbitrary
JavaScript bytecode.
CVE-2006-5748
Igor Bukanov and Jesse Ruderman discovered several crashes in the
JavaScript engine, which might allow execution of arbitrary code.
This update also adresses several crashes, which could be triggered by malicious websites and fixes a regression introduced in the previous Mozilla update.
For the stable distribution (sarge) these problems have been fixed in version 1.7.8-1sarge8.
We recommend that you upgrade your mozilla package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.dsc
Size/MD5 checksum: 1124 a6f4c7ddbcb0d9126d4e0a81fda4059a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.diff.gz
Size/MD5 checksum: 574770 77a056d9582389d1a31de1136dd7a0a2
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz
Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 168064 33104218442c9bd7b113df794afdefe0
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 148564 be8d4aeb7da1d0a7e7524096cefee038
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 184948 f831a7dd089c599c695ab540720be912
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 858396 bd636d8d59d54016d4051ae37fbf0455
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 1034 bb3c11032fe99445e2831485155f9bec
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 11494648 a1029b5935bf687048b0a8156fb3910c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 403290 ade408aef33a53453263a2a83cf96524
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 158332 ccdc52d9b79b5359e18ef4f8e39ae068
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 3358886 c86ce3ccec680c80730cf046560d1cc8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 122288 91187d98388e73f4ca5aa93314a23d78
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 204152 405074b924c7ec7450da6cc623a2d6f9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 1937184 a527be2c3bb0991c25b1388b17f36509
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_alpha.deb
Size/MD5 checksum: 212628 6c21078c7b3676273f1224c7028e4f63
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 168068 44912cded148a15690602d83b05517c4
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 147682 56dd565ea350862e6c512562929d6beb
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 184956 1f2c8bb99907df91c3d0f7800d77461d
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 716604 df8853c93a3f8688efc458929802087a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 1036 2691304128a390fa0d0ddd06e5c014fd
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 10958880 c7c04de71bd68b738f13c187a88b4ab1
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 403272 6f5cba2fcd9f28e58e1a46ce9fe2034d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 158328 ffd9e0136af049212c7668080b1590ba
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 3352912 accc3e9736aa0758d131cdf459e2be49
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 121194 cbf6ac02a99d7fb7a64cc29b07433c82
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 204156 ed48ca294a99e3e18eed491119c0d5ea
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 1936052 c051bd4fe32d5d0225f3eae41b01af61
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_amd64.deb
Size/MD5 checksum: 204454 e52b74e973244cdc91030148777b2607
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 168078 056a33d7d2c0d1ddec9dc82bc10fa91b
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 126062 279c0b2b4672b68c99414f2864d48c8e
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 184962 d3b634a995bcb30e328c4bc23db47742
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 633928 2021be577fc4731afad9fb85f10b900e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 1036 a6a62863932baa16457b8957f191dc8c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 9221058 38cf4492787382ca6f092f8b8996c29d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 403328 db6d998bf24a01bc40e8958c18b8354a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 158342 5851791133fe390520c0dc627cf0e5bb
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 3342584 471aee590010373272675eb6dc51bf9b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 112668 3a2b8d1d473e4801a0e90f0e6e20d173
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 204162 6679a330049947996fd1649ee9015238
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 1604480 9ce39476d103f3d42cb500853c5f24d8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_arm.deb
Size/MD5 checksum: 169002 02c81d7993667ef81be7c602681e96f0
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 168076 906aae615cfccc867128dfe39ac510bc
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 158584 e4d74474057887b6cb2852f4e4b01c74
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 184956 5551d423e4375da8fb4f9c16dd6a3f3b
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 756664 d2a92775acd425551d1804c23eae7bdf
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 1038 7e88d25552135eb7f79a2fd2c6bd2b22
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 12177466 14304d3394a221c2aa7bc531af9b591b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 403286 f98a9ce0ae8980625c282f80523f0bc7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 158338 c384d2a4f962d0b9820a5ba28cd1218c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 3359316 77e7f6cfee145742ae2e13f24ec27def
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 123522 69dbc3a82863990e7ca431b7f6a29b61
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 204160 34b097e3f1e4a08af78541d3a12271e7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 2135234 33d7b6fbf3a170104167b5403fc3f794
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_hppa.deb
Size/MD5 checksum: 216448 fb8e5b76a683c26e1c3ced60acbb23b2
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 168078 fead516428ff54afba8fb9ffeb6107b7
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 138378 89380d80fe8f7e985a9307a9a677bc3e
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 184968 0abd8dfb25de28cb50c5e58648a0ff3a
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 662194 a2f137e0d9c3c8a936a7ef1393de2955
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 1036 fd2f5c0d987df8a32ab9818ff0a2d968
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 10315404 db2f25cbb471e5387de1aeef7e176f7e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 403286 b3bf4d34d9a51f3f1708b06c70901cf3
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 158358 fde8eec72729840210de689b2a343a51
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 3348734 081bfa3f5e9b81894f5a147ec05298ab
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 116236 5bb8e35c9cf6bcf73572e1307d4e036f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 204172 bb709199707869539300ae4ace073983
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 1811294 790f8577dc06fc90034945919a949ac7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_i386.deb
Size/MD5 checksum: 192634 592adc759e44972dacdc85ebe1296a63
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 168060 3ee0a67cfc308f6d7b0f9343a63f02fb
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 176012 62b50ac23c369004b18620238da294dd
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 184936 443ef5c72a5fd2b92028468433fdc2da
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 968864 f4e5406c1a7abe968b52cccfd4ba3041
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 1032 682087a412c08bbc251fe22e56a0dd6d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 12966514 05ed823dbd6c55fd456f03f63aefb7e3
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 403270 03b53aaf2cd12b98d1e3f6f8a8d7dbea
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 158318 ee4f77127d14a091d8730fbcb7cab219
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 3378656 76bc26292ee2482e3b7f18b807357898
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 125584 372e14fa5d4a23a4df7f4b393f66bc3a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 204148 030a13e33c394393c22cbbe03a5fd7b7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 2302326 2045f4c0ded45041ede24f2fe8316f25
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_ia64.deb
Size/MD5 checksum: 242940 92b1755ece7f86361e2467ecbe8a0b98
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 168086 d72a577c1f74c1e64183625c6afbb356
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 127678 38a811b392550848806b4ea82b3786d9
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 184978 37b8d8c26f1e913bcc0676351655fbd9
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 601900 70ae4f03be4fb2a05589149a565184f4
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 1044 843ae71e0612517ec6d037f0157bcc6a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 9716824 1976d754f162f52fada5c6ae709a63df
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 403350 9299ef454121636429cd58ce4648de74
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 158384 8f5d9c08ce9ee22a7a523ab12d0339a1
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 3337078 7c2763fc5d1399ba0f6de5e60c487a9f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 114460 847321a189d09a37590931b7bdaa12b8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 204188 0acd1202b74153c09e96dc03c82f858c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 1683182 6fce1b70bc59f24fcaf9204ed8045a0e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_m68k.deb
Size/MD5 checksum: 175004 ba9f9d625b54cb3b8338f353eb591d63
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 168066 40951a292610d572fb32bc9a08e3d716
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 142540 467f786d8c69106d6bf52c4ff0f147df
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 184948 90d54a6da32f70c55e562ba0908bb615
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 727612 bef2fa46727d30564df686f3bec97b4c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 1036 3f24cf20cf983e887def6ab4e83d313f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 10739450 81c0c801442b91873e351e6469cd626d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 403256 7dea9f93c79476d6c4a08e7da9749d71
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 158328 6ff36aad6504f5156e2cdc4e4e6990fa
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 3358884 7dc0ffad84ddf4ff45ed019f856ddde8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 117622 63931cee65d76f9c7810110fffd591b7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 204148 64b3b20a437d605742e300d41cdbf251
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 1795510 92e0f045d8bf37b1ea6d90e84480d40c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mips.deb
Size/MD5 checksum: 190118 debdc2467236eec1f5ca49bc8ddac2c9
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 168074 cf9f50671782c08500d3c2d29f93ef9e
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 142492 b7b2127fa138bd01dc1c7b4fb4dc1638
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 184942 4a26b1d61ac0daf627f2e7cb8797db82
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 717068 0b935bf6dca82a129f2c678b6069b928
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 1040 69af0bb34af5f881b501bd829b4364bf
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 10620284 93085f80cc02f554bf3d7e1e0d39c176
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 403274 526ced11500a8d0c08044786255199df
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 158340 7b6d7ee717b0bf427bbb469b05908f38
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 3359422 a710eb88d086ddd2f41f1c0f9a1582c6
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 117206 6f80a50306eb573deaa8052ef7b953c4
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 204160 182f59bc3a66185d5d99f4f4b892bf0d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 1777592 0bef8a8191417e642e11a87b95cbff28
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mipsel.deb
Size/MD5 checksum: 187610 15e1ba2286e45ea4de8bd10e1043b4ae
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 168068 4afc44e689523284f6596c49a0c57c04
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 132968 c7f1bc15d01ace3a8544dd8ac09c4f5f
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 184954 69dd645183560089b4f0b079b14ff7ba
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 720814 b919244b4647539e92ac8496175e5ec9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 1030 c93abd84beb9d1b5df1f393dcb742e4d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 9712666 01692a2bb19b64406bcdecdf43fd6921
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 403274 c84c30bab18ab3337cf7c995f1bd235e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 158332 e356212dd93e1bd4762f0350461bc0d8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 3341184 51eac899e26a44b28ca9304f7de58bad
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 114586 582bec3e96ed89fb2b66d127135c2d99
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 204154 cfcef824bc6d730f8749e92626377512
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 1643132 05d2aae54574a7440b11e3d1683b4491
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_powerpc.deb
Size/MD5 checksum: 175800 b9c2d4010924375ae96697b5c85a2886
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 168068 49233d2e9ce43df4702d355bbe0a1405
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 158304 a8cdc38cb9ac827b54c646b8b5c2b2e7
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 184938 4f7852977d08f31cfad5e8c352946426
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 801008 abfe303f9e48e5341c81a9622c0f9f1c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 1032 35f2fdd96e584c9afbda26d3395ef78f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 11340612 0a8315780402713a6f25f3bb068b9593
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 403268 f4d3465aae90c369a0f4b0000f9b76f9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 158330 01c26b88dbf2a25b4520e484a324267e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 3353508 2d8ca556688100796c7b66b65f509246
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 121340 1c28f9aa34ab20b8c9b87b6a484f29c0
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 204142 e2c4c8c3b721f3560390c86f8a8e4f42
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 1944770 525714424a1fa0131327ced0961987c9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_s390.deb
Size/MD5 checksum: 213646 31a3c2bc95b020fa1a4104cdb24f51cf
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 168070 ec1b9711bc09abaf87a1e8caeac523a9
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 130234 a57dbc4e7d4fb4a7269dce9063b848d9
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 184964 f6d4813d577feef2530f5993e4dc5464
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 674592 5634a5745abfd58cec63f3615b9a7e0e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 1036 222687822a8e79b3407dd3edec552b19
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 9385078 1e10244c49ded27051ea0eeef38508f5
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 403290 fe2140858be3ef7e5b732dc9d98f5f40
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 158338 5703ab5f69f23b9deccc705bf97bfe16
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 3342206 18dd2adf74fc28147f85cc55d4bafc25
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 112520 0d19cd564f1c80ce919f85da844fe535
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 204166 6caff56854b59671710aace6b683bcc2
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 1583766 3366a381ab996886b6924e1d12ad0bc7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_sparc.deb
Size/MD5 checksum: 168196 2fc28554dfb6e322e354ccbdff26fb50
These files will probably be moved into the stable distribution on its next update. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200612-07
http://security.gentoo.org/
Severity: Normal Title: Mozilla Firefox: Multiple vulnerabilities Date: December 10, 2006 Bugs: #154434 ID: 200612-07
Synopsis
Multiple vulnerabilities have been reported in Mozilla Firefox.
Background
Mozilla Firefox is a popular open-source web browser from the Mozilla Project. -------------------------------------------------------------------
Description
Mozilla Firefox improperly handles Script objects while they are being executed. Mozilla Firefox has also been found to be vulnerable to various possible buffer overflows. Lastly, the binary release of Mozilla Firefox is vulnerable to a low exponent RSA signature forgery issue because it is bundled with a vulnerable version of NSS.
Impact
An attacker could entice a user to view specially crafted JavaScript and execute arbitrary code with the rights of the user running Mozilla Firefox. It is also possible for an attacker to make up SSL/TLS certificates that would not be detected as invalid by the binary release of Mozilla Firefox, raising the possibility for Man-in-the-Middle attacks.
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.8"
All Mozilla Firefox binary release users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.8"
References
[ 1 ] CVE-2006-5462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462 [ 2 ] CVE-2006-5463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463 [ 3 ] CVE-2006-5464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464 [ 4 ] CVE-2006-5747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747 [ 5 ] CVE-2006-5748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200612-07.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rsa security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "lte",
"trust": 0.8,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lte",
"trust": 0.8,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "lte",
"trust": 0.8,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 sparc for )"
},
{
"_id": null,
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 x86 for )"
},
{
"_id": null,
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 sparc for )"
},
{
"_id": null,
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 x86 for )"
},
{
"_id": null,
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 sparc for )"
},
{
"_id": null,
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 x86 for )"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"_id": null,
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"_id": null,
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"_id": null,
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"_id": null,
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"_id": null,
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"_id": null,
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"_id": null,
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"_id": null,
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"_id": null,
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"_id": null,
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"_id": null,
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"_id": null,
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"_id": null,
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"_id": null,
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"_id": null,
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"_id": null,
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"_id": null,
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"_id": null,
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"_id": null,
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"_id": null,
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"_id": null,
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"_id": null,
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"_id": null,
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"_id": null,
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"_id": null,
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"_id": null,
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"_id": null,
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"_id": null,
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"_id": null,
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"_id": null,
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"_id": null,
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"_id": null,
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"_id": null,
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"_id": null,
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"_id": null,
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"_id": null,
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"_id": null,
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"_id": null,
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"_id": null,
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"_id": null,
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"_id": null,
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"_id": null,
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"_id": null,
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"_id": null,
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"_id": null,
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"_id": null,
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"_id": null,
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"_id": null,
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"_id": null,
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"_id": null,
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"_id": null,
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"_id": null,
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"_id": null,
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"_id": null,
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"_id": null,
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"_id": null,
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"_id": null,
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"_id": null,
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"_id": null,
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"_id": null,
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"_id": null,
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:mozilla",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
}
]
},
"credits": {
"_id": null,
"data": "shutdown shutdown@flashmail.comJesse Ruderman jruderman@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
}
],
"trust": 0.6
},
"cve": "CVE-2006-5462",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2006-5462",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-5462",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#335392",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773548",
"trust": 0.8,
"value": "1.57"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-5462",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-148",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"description": {
"_id": null,
"data": "Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340. This vulnerability may allow an attacker to forge RSA signatures. A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21996\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21996/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nTavis Ormandy has reported some vulnerabilities in gzip, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially compromise a vulnerable system. \n\n1) A boundary error within the \"make_table()\" function in unlzh.c can\nbe used to modify certain stack data. tricking\na user or automated system into unpacking a specially crafted archive\nfile. tricking a user or\nautomated system into unpacking a specially crafted \"pack\" archive\nfile. \n\n3) A buffer overflow within the \"make_table()\" function of gzip\u0027s LZH\nsupport can be exploited to cause a DoS and potentially to compromise\na vulnerable system by e.g. tricking a user or automated system into\nunpacking an archive containing a specially crafted decoding table. \n\n4) A NULL pointer dereference within the \"huft_build()\" function and\nan infinite loop within the LZH handling can be exploited to cause a\nDoS by e.g. tricking a user or automated system into unpacking a\nspecially crafted archive file. \n\nThe vulnerabilities have been reported in version 1.3.5. \n\nSOLUTION:\nDo not unpack untrusted archive files. \n\nPROVIDED AND/OR DISCOVERED BY:\nTavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676\n\nOTHER REFERENCES:\nUS-CERT VU#554780:\nhttp://www.kb.cert.org/vuls/id/554780\n\nUS-CERT VU#381508:\nhttp://www.kb.cert.org/vuls/id/381508\n\nUS-CERT VU#773548:\nhttp://www.kb.cert.org/vuls/id/773548\n\nUS-CERT VU#933712:\nhttp://www.kb.cert.org/vuls/id/933712\n\nUS-CERT VU#596848\nhttp://www.kb.cert.org/vuls/id/596848\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\nThe SeaMonkey project is a community effort to deliver\nproduction-quality releases of code derived from the application\nformerly known as \u0027Mozilla Application Suite\u0027. It is\nimportant to note that in the SeaMonkey email client, JavaScript is\ndisabled by default. \n\n This update provides the latest Firefox to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748\n http://www.mozilla.org/security/announce/2006/mfsa2006-65.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-66.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-67.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n b91b0d758b80cd1e200d557954e0f439 2007.0/i586/deskbar-applet-2.16.0-3.1mdv2007.0.i586.rpm\n c69cea437a51263f156a883f28ba4cc4 2007.0/i586/devhelp-0.12-5.1mdv2007.0.i586.rpm\n 3b7c9bf926f63cac988f1ecc6fe21924 2007.0/i586/devhelp-plugins-0.12-5.1mdv2007.0.i586.rpm\n 45be37431714b21cdc3411d47cfc993b 2007.0/i586/epiphany-2.16.0-4.1mdv2007.0.i586.rpm\n 43475f16b335512313e36265297635e8 2007.0/i586/epiphany-devel-2.16.0-4.1mdv2007.0.i586.rpm\n c94a08e44366b583a7da5127fceaca16 2007.0/i586/epiphany-extensions-2.16.0-3.1mdv2007.0.i586.rpm\n 9fb4708c85d643a04b5487dbcf8a5d54 2007.0/i586/galeon-2.0.1-8.1mdv2007.0.i586.rpm\n c56127106df5a12e10973656d24c1a81 2007.0/i586/gnome-python-extras-2.14.2-6.1mdv2007.0.i586.rpm\n 846b0d6bec7d7624a5633f3e100b277f 2007.0/i586/gnome-python-gdl-2.14.2-6.1mdv2007.0.i586.rpm\n 4fd553ecbe4f3ae7ccc7b0901f2acb5c 2007.0/i586/gnome-python-gksu-2.14.2-6.1mdv2007.0.i586.rpm\n b109f4b0f8ffd6f3c42175e7d2e55789 2007.0/i586/gnome-python-gtkhtml2-2.14.2-6.1mdv2007.0.i586.rpm\n cb77cdfb4a195d0f119b2ab7cc5f14c9 2007.0/i586/gnome-python-gtkmozembed-2.14.2-6.1mdv2007.0.i586.rpm\n 742e895ca6feecf5156a9de6638e3be2 2007.0/i586/gnome-python-gtkspell-2.14.2-6.1mdv2007.0.i586.rpm\n 500510d8547749fbd54097f01bee92a8 2007.0/i586/libdevhelp-1_0-0.12-5.1mdv2007.0.i586.rpm\n 0cc3e9259cbb24f9862bf8fff6f00805 2007.0/i586/libdevhelp-1_0-devel-0.12-5.1mdv2007.0.i586.rpm\n 836629938d38b66e07ce7146c59bcfad 2007.0/i586/libmozilla-firefox1.5.0.8-1.5.0.8-1.1mdv2007.0.i586.rpm\n 885ed8e07e1bea07054574e02fadbeb9 2007.0/i586/libmozilla-firefox1.5.0.8-devel-1.5.0.8-1.1mdv2007.0.i586.rpm\n 0f6172194ca691de3c73e36e0f53c138 2007.0/i586/libnspr4-1.5.0.8-1.1mdv2007.0.i586.rpm\n 2ee2e689224d9e8cf5a546ac721723f0 2007.0/i586/libnspr4-devel-1.5.0.8-1.1mdv2007.0.i586.rpm\n 9027729bb27be1b4155a61d40acfad69 2007.0/i586/libnspr4-static-devel-1.5.0.8-1.1mdv2007.0.i586.rpm\n b22e001507090a91e85404730ce29cac 2007.0/i586/libnss3-1.5.0.8-1.1mdv2007.0.i586.rpm\n 5336661098db8f24270b842f1c224240 2007.0/i586/libnss3-devel-1.5.0.8-1.1mdv2007.0.i586.rpm\n f71a45af0db3336ee69754723812b685 2007.0/i586/libtotem-plparser1-2.16.1-2.1mdv2007.0.i586.rpm\n 3cabb1189288de5a3e56bcb0e10cc9e3 2007.0/i586/libtotem-plparser1-devel-2.16.1-2.1mdv2007.0.i586.rpm\n 1fa974233bf0aca855fdc317fe0dde6b 2007.0/i586/mozilla-firefox-1.5.0.8-1.1mdv2007.0.i586.rpm\n db5728ee5897673fb9e30ec5197662bf 2007.0/i586/mozilla-firefox-ar-1.5.0.8-1.1mdv2007.0.i586.rpm\n 02d9129452f5829c737657ad034470b4 2007.0/i586/mozilla-firefox-bg-1.5.0.8-1.1mdv2007.0.i586.rpm\n 7ee529b84ac1f3ca9f165bad8b2847d4 2007.0/i586/mozilla-firefox-br-1.5.0.8-1.1mdv2007.0.i586.rpm\n b6d1c5797bb91ca707759f73fecd15e8 2007.0/i586/mozilla-firefox-ca-1.5.0.8-1.1mdv2007.0.i586.rpm\n fcdd7a343fb41fe5f24de72248056834 2007.0/i586/mozilla-firefox-cs-1.5.0.8-1.1mdv2007.0.i586.rpm\n f19ce159de7d48f294488f643ad7bdf4 2007.0/i586/mozilla-firefox-da-1.5.0.8-1.1mdv2007.0.i586.rpm\n 4b27e9aa3ce6fe4e997da687eea53bbc 2007.0/i586/mozilla-firefox-de-1.5.0.8-1.1mdv2007.0.i586.rpm\n aaad0bfd4901285073a20bef2098cba9 2007.0/i586/mozilla-firefox-el-1.5.0.8-1.1mdv2007.0.i586.rpm\n edff07926737f59f8787e9937afa9b8a 2007.0/i586/mozilla-firefox-es-1.5.0.8-1.1mdv2007.0.i586.rpm\n 210d8c468009c721565e026296666395 2007.0/i586/mozilla-firefox-es_AR-1.5.0.8-1.1mdv2007.0.i586.rpm\n bdc0ba81bd408233afe07e2401e85352 2007.0/i586/mozilla-firefox-eu-1.5.0.8-1.1mdv2007.0.i586.rpm\n 06069ba3e43848aadcb72e6947994b87 2007.0/i586/mozilla-firefox-fi-1.5.0.8-1.1mdv2007.0.i586.rpm\n 5121b04fc402ed288c6cc69fd63390c9 2007.0/i586/mozilla-firefox-fr-1.5.0.8-1.1mdv2007.0.i586.rpm\n e012d0888e85efca0f6844dcde5425eb 2007.0/i586/mozilla-firefox-fy-1.5.0.8-1.1mdv2007.0.i586.rpm\n 9aa48833f1727776f299fbe44da6d640 2007.0/i586/mozilla-firefox-ga-1.5.0.8-1.1mdv2007.0.i586.rpm\n 9e4422078a1442d5da6f82819275f25f 2007.0/i586/mozilla-firefox-gu_IN-1.5.0.8-1.1mdv2007.0.i586.rpm\n 82a9d909d6c3291ae08c0cce71b44ae8 2007.0/i586/mozilla-firefox-he-1.5.0.8-1.1mdv2007.0.i586.rpm\n 7f2781630650b1545d55b37488978899 2007.0/i586/mozilla-firefox-hu-1.5.0.8-1.1mdv2007.0.i586.rpm\n 0493ee7667fefec6a3de55e935277945 2007.0/i586/mozilla-firefox-it-1.5.0.8-1.1mdv2007.0.i586.rpm\n 34c99eaffc8c81a1ca5fe9acd30cde21 2007.0/i586/mozilla-firefox-ja-1.5.0.8-1.1mdv2007.0.i586.rpm\n 85774cb7ee97e65dcb504c13ce724aee 2007.0/i586/mozilla-firefox-ko-1.5.0.8-1.1mdv2007.0.i586.rpm\n 2c49ee65c2445ee4786d2cb86d4429e8 2007.0/i586/mozilla-firefox-lt-1.5.0.8-1.1mdv2007.0.i586.rpm\n 67323c14122b6eb59e952248814109ad 2007.0/i586/mozilla-firefox-mk-1.5.0.8-1.1mdv2007.0.i586.rpm\n fec42dd3e26f97c6c1fccf81b91f8589 2007.0/i586/mozilla-firefox-nb-1.5.0.8-1.1mdv2007.0.i586.rpm\n ff411ab2378f14644688cd1320f57ea6 2007.0/i586/mozilla-firefox-nl-1.5.0.8-1.1mdv2007.0.i586.rpm\n b2df3df581175ae8864ec9a9e93775a7 2007.0/i586/mozilla-firefox-pa_IN-1.5.0.8-1.1mdv2007.0.i586.rpm\n 911a5970bd3761696b24e5d581c9a568 2007.0/i586/mozilla-firefox-pl-1.5.0.8-1.1mdv2007.0.i586.rpm\n ee6fbbbdbe58aed00f5ec227b3a92595 2007.0/i586/mozilla-firefox-pt-1.5.0.8-1.1mdv2007.0.i586.rpm\n d06fb1aed51e5e6a61674efcf3e51121 2007.0/i586/mozilla-firefox-pt_BR-1.5.0.8-1.1mdv2007.0.i586.rpm\n b9cf70e42a6db664db4be531a37f7081 2007.0/i586/mozilla-firefox-ro-1.5.0.8-1.1mdv2007.0.i586.rpm\n da8429df8cbab950a49ad4228ca6ccf3 2007.0/i586/mozilla-firefox-ru-1.5.0.8-1.1mdv2007.0.i586.rpm\n b423bdb3e2bebcabfe243fbbf0949eb4 2007.0/i586/mozilla-firefox-sk-1.5.0.8-1.1mdv2007.0.i586.rpm\n eb04f6705026d20c856d6e13e72f81cf 2007.0/i586/mozilla-firefox-sl-1.5.0.8-1.1mdv2007.0.i586.rpm\n 87640b95904f2312c7fae1f9f658d179 2007.0/i586/mozilla-firefox-sv-1.5.0.8-1.1mdv2007.0.i586.rpm\n 37931adaac825ccefd80ee8285374e94 2007.0/i586/mozilla-firefox-tr-1.5.0.8-1.1mdv2007.0.i586.rpm\n d64689cba4cf6937dac22efc5680874d 2007.0/i586/mozilla-firefox-uk-1.5.0.8-1.1mdv2007.0.i586.rpm\n 2fe43c1846f4e27e36f19d76c20c918d 2007.0/i586/mozilla-firefox-zh_CN-1.5.0.8-1.1mdv2007.0.i586.rpm\n ca54a9d6c8e2a6e0d532907538a44b01 2007.0/i586/mozilla-firefox-zh_TW-1.5.0.8-1.1mdv2007.0.i586.rpm\n 0353fb538eff1f7f1964650b08f223fb 2007.0/i586/totem-2.16.1-2.1mdv2007.0.i586.rpm\n e0b5fc2bbd3d70d139c3df0233e5b6ea 2007.0/i586/totem-common-2.16.1-2.1mdv2007.0.i586.rpm\n ac4a4d6ffbc72eeda3ac58ee9552cfa3 2007.0/i586/totem-gstreamer-2.16.1-2.1mdv2007.0.i586.rpm\n 76d609348d6b614f6d8fc2ed8c32441d 2007.0/i586/totem-mozilla-2.16.1-2.1mdv2007.0.i586.rpm\n decfb1f205b088d8674af45ac6a8aa2a 2007.0/i586/totem-mozilla-gstreamer-2.16.1-2.1mdv2007.0.i586.rpm\n 6c5f1b1c0c8e144a1e01bab350bdf125 2007.0/i586/yelp-2.16.0-2.1mdv2007.0.i586.rpm \n 01c2ab33db63e292029039474f459aae 2007.0/SRPMS/deskbar-applet-2.16.0-3.1mdv2007.0.src.rpm\n 5d9e32656fbb38c0c7343ebb0878146a 2007.0/SRPMS/devhelp-0.12-5.1mdv2007.0.src.rpm\n 0c2b87587f16838fa4a31a2c2a939cad 2007.0/SRPMS/epiphany-2.16.0-4.1mdv2007.0.src.rpm\n 32fa8d811ae52f9a4405894bdb5344ed 2007.0/SRPMS/epiphany-extensions-2.16.0-3.1mdv2007.0.src.rpm\n 7351e6dfda7596598f93c50f2ac06acf 2007.0/SRPMS/galeon-2.0.1-8.1mdv2007.0.src.rpm\n 55e77fdd797856bf73ae92b02105ae73 2007.0/SRPMS/gnome-python-extras-2.14.2-6.1mdv2007.0.src.rpm\n 83c301b1641404592346d332e2b24962 2007.0/SRPMS/mozilla-firefox-1.5.0.8-1.1mdv2007.0.src.rpm\n 4c88b90b47815b11763db6c6f60a08ad 2007.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-1.1mdv2007.0.src.rpm\n 659f3151e56585d2d35dcd11806dcc0c 2007.0/SRPMS/totem-2.16.1-2.1mdv2007.0.src.rpm\n cfff6d40ac58bc9c5bb5d20efd1a4e0a 2007.0/SRPMS/yelp-2.16.0-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 80851043dd92218983323ad1a9d93668 2007.0/x86_64/deskbar-applet-2.16.0-3.1mdv2007.0.x86_64.rpm\n f6e80f07ecf15b967d485dbcaa9f7e8c 2007.0/x86_64/devhelp-0.12-5.1mdv2007.0.x86_64.rpm\n 04a535f48452519eba13d00c97b11159 2007.0/x86_64/devhelp-plugins-0.12-5.1mdv2007.0.x86_64.rpm\n 9c6816b2d3599f1b381c7fba9527b340 2007.0/x86_64/epiphany-2.16.0-4.1mdv2007.0.x86_64.rpm\n 6a6b53599dfbbd3d27c8fda5e4cc2d1c 2007.0/x86_64/epiphany-devel-2.16.0-4.1mdv2007.0.x86_64.rpm\n 9ab9ca8ca14379996e532a2dade68f3a 2007.0/x86_64/epiphany-extensions-2.16.0-3.1mdv2007.0.x86_64.rpm\n f4b923e368b05c4ce7ebeff201e40265 2007.0/x86_64/galeon-2.0.1-8.1mdv2007.0.x86_64.rpm\n d2a1eea4906952103afc940c600a7f75 2007.0/x86_64/gnome-python-extras-2.14.2-6.1mdv2007.0.x86_64.rpm\n 62d428088816a83b120559f3f915c871 2007.0/x86_64/gnome-python-gdl-2.14.2-6.1mdv2007.0.x86_64.rpm\n b3ab1bcaed14b17bec6b43f82fb8fdad 2007.0/x86_64/gnome-python-gksu-2.14.2-6.1mdv2007.0.x86_64.rpm\n 942d7c7bb0f4cf3d64ac4fcf67cdd468 2007.0/x86_64/gnome-python-gtkhtml2-2.14.2-6.1mdv2007.0.x86_64.rpm\n 57543cedc85f4c33f87e1959d93eb0c9 2007.0/x86_64/gnome-python-gtkmozembed-2.14.2-6.1mdv2007.0.x86_64.rpm\n 69c4189877051a5252555453d25ae0f5 2007.0/x86_64/gnome-python-gtkspell-2.14.2-6.1mdv2007.0.x86_64.rpm\n 454ad59ac0495bd1d8cc413ef0fe6643 2007.0/x86_64/lib64devhelp-1_0-0.12-5.1mdv2007.0.x86_64.rpm\n f7867ec9589fa978f18f902e633810f3 2007.0/x86_64/lib64devhelp-1_0-devel-0.12-5.1mdv2007.0.x86_64.rpm\n 3116eecdec16bbadf00c6173b2471a0e 2007.0/x86_64/lib64mozilla-firefox1.5.0.8-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 69eba98dffdffa568175834600567101 2007.0/x86_64/lib64mozilla-firefox1.5.0.8-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 0c2521c7efb4fa49631ddd57206870b7 2007.0/x86_64/lib64nspr4-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n c1c80f43574c4c949429f4f012b1f5c8 2007.0/x86_64/lib64nspr4-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 5351fd089034e5ed4e44e52d98752f86 2007.0/x86_64/lib64nspr4-static-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 394fb954fb75c68a9ebbbd20a5b4cff6 2007.0/x86_64/lib64nss3-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 7ac1ec573542b20aada4abf4483a545e 2007.0/x86_64/lib64nss3-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 79fc091b8555ad1566a23a08a6dc1173 2007.0/x86_64/lib64totem-plparser1-2.16.1-2.1mdv2007.0.x86_64.rpm\n b8c4befca901874d8092c1ae003ef25c 2007.0/x86_64/lib64totem-plparser1-devel-2.16.1-2.1mdv2007.0.x86_64.rpm\n b2dc7ad59e244330a96814c9d8e0212a 2007.0/x86_64/mozilla-firefox-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 7ce40b4a2bf93cd05686e118af4838c6 2007.0/x86_64/mozilla-firefox-ar-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n c39542f4f59411271bb46baf5648cf60 2007.0/x86_64/mozilla-firefox-bg-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 1b8ff77c52dfaa869b0855fadb55f0f6 2007.0/x86_64/mozilla-firefox-br-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 3865dafd06ae1b38a9a6c4729b8446f5 2007.0/x86_64/mozilla-firefox-ca-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 1cfa510ed5cce13c5c087d3d5c2a82a1 2007.0/x86_64/mozilla-firefox-cs-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 48d1488dbd34e1e7c97e861891000251 2007.0/x86_64/mozilla-firefox-da-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 01a29973e5c74d794fcfaaad573ee8c6 2007.0/x86_64/mozilla-firefox-de-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n a39500ca6eb0040c232e5ef5cf7a91d0 2007.0/x86_64/mozilla-firefox-el-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 375fb37154f945d9722d2e9ff3287de9 2007.0/x86_64/mozilla-firefox-es-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 46d2118a894bdbde59e14fa0681daab1 2007.0/x86_64/mozilla-firefox-es_AR-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n e3cab8d2631fc9c76c901c669c677a85 2007.0/x86_64/mozilla-firefox-eu-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 19e20f44c093c5d401885f9f673db7c9 2007.0/x86_64/mozilla-firefox-fi-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 5dedc30b432e1e9236bd2d6639a1fb05 2007.0/x86_64/mozilla-firefox-fr-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 0c0ab629fe2067e5ee9988dae0f92cb6 2007.0/x86_64/mozilla-firefox-fy-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 870b3cfcf3a0fe0001d77f9cd6f07fdc 2007.0/x86_64/mozilla-firefox-ga-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 28bf3c7257b6e23805efc4386d5c520b 2007.0/x86_64/mozilla-firefox-gu_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n b6fdd904314ab62a67d521761ca83975 2007.0/x86_64/mozilla-firefox-he-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n b35feb2b469f18ffb37fdb7ab631284c 2007.0/x86_64/mozilla-firefox-hu-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n ecbdd5415283fc99cead2d1a2e30d7d7 2007.0/x86_64/mozilla-firefox-it-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 0b08708225efb7a1ad0e2a93efcaaecb 2007.0/x86_64/mozilla-firefox-ja-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 64f8dab64d7edacdd8dea9312f3bc371 2007.0/x86_64/mozilla-firefox-ko-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 190710b65f4a1cc46bdf26654bc97711 2007.0/x86_64/mozilla-firefox-lt-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 8ca2562da91458eccc590fc610dff9c4 2007.0/x86_64/mozilla-firefox-mk-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n bcf462e1a0eec021e9aab03fb7480f76 2007.0/x86_64/mozilla-firefox-nb-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n d2fbfeed3c54958b05d13fac09c173c6 2007.0/x86_64/mozilla-firefox-nl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n b8cef648a1529759b7b2a70b915eca38 2007.0/x86_64/mozilla-firefox-pa_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 05feec907328879bb87f3bc28b9d248f 2007.0/x86_64/mozilla-firefox-pl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n df425a9aba8146cba8905bfe460cb862 2007.0/x86_64/mozilla-firefox-pt-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 5b3fe1c5ee087b003269049d68f3ee13 2007.0/x86_64/mozilla-firefox-pt_BR-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 08a2711a6f6117158630f60500ae5986 2007.0/x86_64/mozilla-firefox-ro-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n dd8348feec156ef4ae500129e212b044 2007.0/x86_64/mozilla-firefox-ru-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 68faaf2302efde9c04bc63d481be7467 2007.0/x86_64/mozilla-firefox-sk-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n ad0f25da8b2331ea10eced98a902ce3a 2007.0/x86_64/mozilla-firefox-sl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n d68781b83b403363063d96df642d83c7 2007.0/x86_64/mozilla-firefox-sv-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 120fe382a40f46677aa7e07672af6e8e 2007.0/x86_64/mozilla-firefox-tr-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 58271805cec18b640c478662226aa4c2 2007.0/x86_64/mozilla-firefox-uk-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 1c64c9af61a9a9c101dc8339746d29a0 2007.0/x86_64/mozilla-firefox-zh_CN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 7b62a0cd4b6f22710f5dea490c69cd77 2007.0/x86_64/mozilla-firefox-zh_TW-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n a349937cee9565d010122b8dfe81da94 2007.0/x86_64/totem-2.16.1-2.1mdv2007.0.x86_64.rpm\n 3672074a8d7a1f064b5a783a583d4da7 2007.0/x86_64/totem-common-2.16.1-2.1mdv2007.0.x86_64.rpm\n 361606c2139028e96419a7c57c50dd9a 2007.0/x86_64/totem-gstreamer-2.16.1-2.1mdv2007.0.x86_64.rpm\n 7a50ef64653d6a9b78a5cdc278b4bcfa 2007.0/x86_64/totem-mozilla-2.16.1-2.1mdv2007.0.x86_64.rpm\n 361bf8fcba11cc9ddab784a0e3c9706d 2007.0/x86_64/totem-mozilla-gstreamer-2.16.1-2.1mdv2007.0.x86_64.rpm\n a58c9e43565011c27bb5d727d0d071e8 2007.0/x86_64/yelp-2.16.0-2.1mdv2007.0.x86_64.rpm \n 01c2ab33db63e292029039474f459aae 2007.0/SRPMS/deskbar-applet-2.16.0-3.1mdv2007.0.src.rpm\n 5d9e32656fbb38c0c7343ebb0878146a 2007.0/SRPMS/devhelp-0.12-5.1mdv2007.0.src.rpm\n 0c2b87587f16838fa4a31a2c2a939cad 2007.0/SRPMS/epiphany-2.16.0-4.1mdv2007.0.src.rpm\n 32fa8d811ae52f9a4405894bdb5344ed 2007.0/SRPMS/epiphany-extensions-2.16.0-3.1mdv2007.0.src.rpm\n 7351e6dfda7596598f93c50f2ac06acf 2007.0/SRPMS/galeon-2.0.1-8.1mdv2007.0.src.rpm\n 55e77fdd797856bf73ae92b02105ae73 2007.0/SRPMS/gnome-python-extras-2.14.2-6.1mdv2007.0.src.rpm\n 83c301b1641404592346d332e2b24962 2007.0/SRPMS/mozilla-firefox-1.5.0.8-1.1mdv2007.0.src.rpm\n 4c88b90b47815b11763db6c6f60a08ad 2007.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-1.1mdv2007.0.src.rpm\n 659f3151e56585d2d35dcd11806dcc0c 2007.0/SRPMS/totem-2.16.1-2.1mdv2007.0.src.rpm\n cfff6d40ac58bc9c5bb5d20efd1a4e0a 2007.0/SRPMS/yelp-2.16.0-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n e9c20691dca1541a9ca1410554d8860d corporate/3.0/i586/libnspr4-1.5.0.8-0.1.C30mdk.i586.rpm\n 2d7eb84862b6c15cb765095290bc55be corporate/3.0/i586/libnspr4-devel-1.5.0.8-0.1.C30mdk.i586.rpm\n 3ba8dd79e1593e672f33107631d84e4a corporate/3.0/i586/libnspr4-static-devel-1.5.0.8-0.1.C30mdk.i586.rpm\n 827734706e6af0fb0402dcbc57f677a6 corporate/3.0/i586/libnss3-1.5.0.8-0.1.C30mdk.i586.rpm\n 0e16702e278ff43264ed7069ff31a59b corporate/3.0/i586/libnss3-devel-1.5.0.8-0.1.C30mdk.i586.rpm\n 15674f3f327a0860c0feffc89dcc8c45 corporate/3.0/i586/mozilla-firefox-1.5.0.8-0.1.C30mdk.i586.rpm\n fa5318afe39b796670cd0ab0410cdc4b corporate/3.0/i586/mozilla-firefox-ar-1.5.0.8-0.1.C30mdk.i586.rpm\n 4d9dca29468193ef164eb5d3dd852370 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.8-0.1.C30mdk.i586.rpm\n 3f049db808da48baeeec58f836e4cd66 corporate/3.0/i586/mozilla-firefox-br-1.5.0.8-0.1.C30mdk.i586.rpm\n f63860a2a8c7a314fd3eb8b3fa7da20b corporate/3.0/i586/mozilla-firefox-ca-1.5.0.8-0.1.C30mdk.i586.rpm\n 6f1b26e0fa8f93cc8147006df4cdc76f corporate/3.0/i586/mozilla-firefox-cs-1.5.0.8-0.1.C30mdk.i586.rpm\n 7a0738e2c91215dadc79e375040530ef corporate/3.0/i586/mozilla-firefox-da-1.5.0.8-0.1.C30mdk.i586.rpm\n 764108d488fe48455d856ff67b407056 corporate/3.0/i586/mozilla-firefox-de-1.5.0.8-0.1.C30mdk.i586.rpm\n b20e8871620a89f08b95f01a568da207 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.8-0.1.C30mdk.i586.rpm\n c462bce9ea56a861a036c3b814d978a4 corporate/3.0/i586/mozilla-firefox-el-1.5.0.8-0.1.C30mdk.i586.rpm\n 9feed3de38ac8e209030c07197432bac corporate/3.0/i586/mozilla-firefox-es-1.5.0.8-0.1.C30mdk.i586.rpm\n 14214019c8d4f5a98639d3c38aa851d2 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.8-0.1.C30mdk.i586.rpm\n f3795974e5a4931378e0b974cd177248 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.8-0.1.C30mdk.i586.rpm\n 79c37baa0cdc11d93605a8cb2cea005e corporate/3.0/i586/mozilla-firefox-fi-1.5.0.8-0.1.C30mdk.i586.rpm\n 3a0f6e44d1c19a37ef19874919ceed39 corporate/3.0/i586/mozilla-firefox-fr-1.5.0.8-0.1.C30mdk.i586.rpm\n b0a19b03ec982f5d9db5f67a7aaa7363 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.8-0.1.C30mdk.i586.rpm\n 80a06d2f1788ed174e385abc55eb3051 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.8-0.1.C30mdk.i586.rpm\n 9bca565677ded374c572c1ec4678ff30 corporate/3.0/i586/mozilla-firefox-gu_IN-1.5.0.8-0.1.C30mdk.i586.rpm\n 4928af899e49f32c716fbe9c2ac85dda corporate/3.0/i586/mozilla-firefox-he-1.5.0.8-0.1.C30mdk.i586.rpm\n d014b763538d2dfbea52fa20bcbaa98a corporate/3.0/i586/mozilla-firefox-hu-1.5.0.8-0.1.C30mdk.i586.rpm\n f42a5f2c796542eed3fcbf7551d32847 corporate/3.0/i586/mozilla-firefox-it-1.5.0.8-0.1.C30mdk.i586.rpm\n 8e76658aba8fefe0b8ec693c67285b5f corporate/3.0/i586/mozilla-firefox-ja-1.5.0.8-0.1.C30mdk.i586.rpm\n 0f4f0e40655aed7ace4a0e051fc823f3 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.8-0.1.C30mdk.i586.rpm\n e1ecef228b514caddce72529d900b05f corporate/3.0/i586/mozilla-firefox-lt-1.5.0.8-0.1.C30mdk.i586.rpm\n 1b4a0afc69e2590c5e20520bc84ed06e corporate/3.0/i586/mozilla-firefox-mk-1.5.0.8-0.1.C30mdk.i586.rpm\n cb134936baa5ee67377769999ea287fe corporate/3.0/i586/mozilla-firefox-nb-1.5.0.8-0.1.C30mdk.i586.rpm\n 578f14a4978f05a080f25d47c5a8e622 corporate/3.0/i586/mozilla-firefox-nl-1.5.0.8-0.1.C30mdk.i586.rpm\n e8d5043f825abdfbb4f13d25d41e5ef7 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.8-0.1.C30mdk.i586.rpm\n 6df93a7969b4067886408ea930396996 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.8-0.1.C30mdk.i586.rpm\n c3a9a9eddcd1ec358028a26c3d006250 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.8-0.1.C30mdk.i586.rpm\n 25d505054fc99454df1865bf121c155f corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.8-0.1.C30mdk.i586.rpm\n 0ff148c48951ffa94d2a6bfdcb766ec8 corporate/3.0/i586/mozilla-firefox-ro-1.5.0.8-0.1.C30mdk.i586.rpm\n 04ab3e6e9963a7b86716be7b14baa5af corporate/3.0/i586/mozilla-firefox-ru-1.5.0.8-0.1.C30mdk.i586.rpm\n 3ada50ce8ecf2126814db37880c992f2 corporate/3.0/i586/mozilla-firefox-sk-1.5.0.8-0.1.C30mdk.i586.rpm\n 4a66117b50427bc2aa2839111b7ab638 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.8-0.1.C30mdk.i586.rpm\n 6439f21230de80d007347d35b96e2797 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.8-0.1.C30mdk.i586.rpm\n eeda1db56835e2ba3b74eff551360fb6 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.8-0.1.C30mdk.i586.rpm\n 12f8d54646eafff347eeacac23a47b8d corporate/3.0/i586/mozilla-firefox-uk-1.5.0.8-0.1.C30mdk.i586.rpm\n 1e47c896b6401e714a409ea34dc005ea corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.8-0.1.C30mdk.i586.rpm\n 9bdebb599b7ef9d63c5e0f589ce6567d corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.8-0.1.C30mdk.i586.rpm \n 86b4b1bfc9b8a084cad7ee7d46be291b corporate/3.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.C30mdk.src.rpm\n 2f0e72d3924aff74bc9a55a41b44f60f corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n e41213dc5c63b46a3917bd2b6fdf6b26 corporate/3.0/x86_64/lib64nspr4-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 363650fb4785c9aa32a17d308ab85fbe corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 9f775b9a58d3553e813cbc3a2c6c859c corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 44539ac13c8e371ee870f96f03f89bfc corporate/3.0/x86_64/lib64nss3-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 2c490eb3dfbe2e56b4e2ff479e48fe03 corporate/3.0/x86_64/lib64nss3-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm\n f26042362f1e2f8455c9199f9d9d4f4b corporate/3.0/x86_64/mozilla-firefox-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 44b63c9d73c9070351da9656a1bc8e40 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 4d3c868d4001fbfc3d95d6245eae0c6f corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 400cfc94d7a111147e97f3373d4af37b corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 1aa20a7377c52bdb860f5192d6d5d2a3 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.8-0.1.C30mdk.x86_64.rpm\n a6dace88a4772e17536cbb6805539379 corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.8-0.1.C30mdk.x86_64.rpm\n cf1715ff43e1226b6880c0547194070d corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.8-0.1.C30mdk.x86_64.rpm\n ae5c0718f9fc85a7666b53d355a1fac4 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 92c3c4477e3310a70f1cff09a7b5c6c7 corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 48220b6c5f543dccb50f75e7eb0ab72d corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.8-0.1.C30mdk.x86_64.rpm\n eb7dc2896ee4936d565d91c050ff7b03 corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 4c2b296ed6b27d552549be92077c1f72 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.8-0.1.C30mdk.x86_64.rpm\n a77469216f5d9774a2540c6142023596 corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 6a2729173eb1b8964017258bf5183b20 corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.8-0.1.C30mdk.x86_64.rpm\n c543760efaaa21393a736dfbc69d8564 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 47a1bf39777d2a0f15afbac99c95e488 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.8-0.1.C30mdk.x86_64.rpm\n ed9cd505277126d4b0666dc50180843c corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 5b491a1ab10b5344287af12bb23ca2ec corporate/3.0/x86_64/mozilla-firefox-gu_IN-1.5.0.8-0.1.C30mdk.x86_64.rpm\n bba60554281d8e66eb12c7e2f1c286eb corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 499df4d089285c7347f7796526cdeed8 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 0590b36a3507d20a1554a921f2df290e corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 1090726474a874691c600de1ff3d7fe4 corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.8-0.1.C30mdk.x86_64.rpm\n f1854c1973d2067aeb47717e02e1b978 corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 66281573f2dfbb13247b4efd83c5eac9 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.8-0.1.C30mdk.x86_64.rpm\n bf8ffc3d1ca00b9aa9c3da330d0894f9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 0730fcca475a3ccf41bdcd5a5b381704 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.8-0.1.C30mdk.x86_64.rpm\n c2efc6cc73f5e10cf13f8640295dbec5 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.8-0.1.C30mdk.x86_64.rpm\n e93489555defa4d394a07d7c3be044e9 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 5c3d5d884c5f1e198fd0dcb0ea35b53b corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.8-0.1.C30mdk.x86_64.rpm\n b4fa89a62c4a3f75d7329d2c61829249 corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 98b5d2228cfe87430979350dede26382 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 121bb72512fe0cb739a8dfea2cb77334 corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 6690c024983dc636337c330a14d18f9b corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.8-0.1.C30mdk.x86_64.rpm\n c4f5525868b98ccfd265fb078e026c41 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.8-0.1.C30mdk.x86_64.rpm\n c5732b363604b60387260935eb3d6ad1 corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 215eedd08847949966f593fbc652866e corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.8-0.1.C30mdk.x86_64.rpm\n e8b937a222ebbee6497e8679832aa4c8 corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 82416aec298b336154c6fdf780563623 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 5229c9bdb1da356f715dadc18939783d corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.8-0.1.C30mdk.x86_64.rpm\n 04150ecca5dbfe244090af9cccd076ed corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.8-0.1.C30mdk.x86_64.rpm \n 86b4b1bfc9b8a084cad7ee7d46be291b corporate/3.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.C30mdk.src.rpm\n 2f0e72d3924aff74bc9a55a41b44f60f corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.C30mdk.src.rpm\n\n Corporate 4.0:\n 088124d1ec139440c91f40f6259d60f7 corporate/4.0/i586/libnspr4-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 4935d71a7f50c711f7061da070e452c3 corporate/4.0/i586/libnspr4-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm\n f95cb35be57af2fcc1011d712b830b91 corporate/4.0/i586/libnspr4-static-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm\n c68520b4ad039d1d03930ed225bd3dc7 corporate/4.0/i586/libnss3-1.5.0.8-0.1.20060mlcs4.i586.rpm\n a2ffb796cabd43984cc00f26a048b44b corporate/4.0/i586/libnss3-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm\n ba7e80138f2678ae6951c5aa8c609356 corporate/4.0/i586/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.i586.rpm\n db5bde23f45cabf3d8eb575e1366a373 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 0cf58005ddcc3024988abe09210c062c corporate/4.0/i586/mozilla-firefox-bg-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 585ab33b50a390dc9f3ea1d40c7133cc corporate/4.0/i586/mozilla-firefox-br-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 74f91ca40bc294828604faf640c97dc5 corporate/4.0/i586/mozilla-firefox-ca-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 44c6d74403d8b35d65a1a1c25c98beda corporate/4.0/i586/mozilla-firefox-cs-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 4203e096f8f6bee19998ce6b3ddb3eb2 corporate/4.0/i586/mozilla-firefox-da-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 01d38722c97ac1fc18d062665aec4ef7 corporate/4.0/i586/mozilla-firefox-de-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 8ebaa2edb49e3feec867225959494c85 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.8-0.1.20060mlcs4.i586.rpm\n c4749e3562d63e15430e21d0dd9a7215 corporate/4.0/i586/mozilla-firefox-el-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 877eed1cb682f64f9a2b9ef2f4257e34 corporate/4.0/i586/mozilla-firefox-es-1.5.0.8-0.1.20060mlcs4.i586.rpm\n c73011439b0c874d3be5a207c8182689 corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 7370aadeeaf66b52058594037146b4f4 corporate/4.0/i586/mozilla-firefox-eu-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 832e859a8b62126a77dfeb7b8086d21c corporate/4.0/i586/mozilla-firefox-fi-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 02e7fed06cce9eb2e8ead70ff6c2aa49 corporate/4.0/i586/mozilla-firefox-fr-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 9338908202a07748f8ce6eb262eb7865 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 7b4b941ac54ed8dcd70d48d6945b158e corporate/4.0/i586/mozilla-firefox-ga-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 3b06ebef8316fbec787b73e4506dd1bd corporate/4.0/i586/mozilla-firefox-gu_IN-1.5.0.8-0.1.20060mlcs4.i586.rpm\n cf225d052aa0ef653c1038db6c485eb1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 7034f3d156e4e78e729f148cc8f2bf69 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.8-0.1.20060mlcs4.i586.rpm\n e2dbd8037553ba7727d715000440f43a corporate/4.0/i586/mozilla-firefox-it-1.5.0.8-0.1.20060mlcs4.i586.rpm\n ac4472ae342aa2dce68239402dfd12ea corporate/4.0/i586/mozilla-firefox-ja-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 87da0b6c52d5c066a43dd62bb3849970 corporate/4.0/i586/mozilla-firefox-ko-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 0c7d6aa08b63a3c24c33ffa3cdc592a7 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 5b85537051503f852604a9a32cdd388b corporate/4.0/i586/mozilla-firefox-mk-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 873c8a9ccab7a3f0b3ea5eb649ed5647 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 1ef55e1d5c7c498bd4ed8323e9bbf4a7 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.8-0.1.20060mlcs4.i586.rpm\n c62cc43b661fc61658c630f4000e124f corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 1a2aacf34a5b39c34aefdd38579f0c3c corporate/4.0/i586/mozilla-firefox-pl-1.5.0.8-0.1.20060mlcs4.i586.rpm\n bbd43b6930ed48a19d8e623b7f70efcd corporate/4.0/i586/mozilla-firefox-pt-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 71bc48ed5b8dc6404f7ae3af9fa9b841 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 14a8e53126599ced68d931f38fecf1bf corporate/4.0/i586/mozilla-firefox-ro-1.5.0.8-0.1.20060mlcs4.i586.rpm\n e60329757a9ffe3b27c7be5a214c4ed3 corporate/4.0/i586/mozilla-firefox-ru-1.5.0.8-0.1.20060mlcs4.i586.rpm\n cabedd45cd2a0d3d1015499269ea98b4 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.8-0.1.20060mlcs4.i586.rpm\n ea1422e5b3266ef79aa8f5f462438d69 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 598e8f43608641c737bec8617e26c832 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 93c3f8e73ef4522850485008acaf4bed corporate/4.0/i586/mozilla-firefox-tr-1.5.0.8-0.1.20060mlcs4.i586.rpm\n f59b22a253f53c8f252e0b77629597c1 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.8-0.1.20060mlcs4.i586.rpm\n 3007ea5ed5980a2b1ddeaefdea33638b corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.8-0.1.20060mlcs4.i586.rpm\n c503fd11f3664f863aced8cfe44f6b82 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.8-0.1.20060mlcs4.i586.rpm \n ec0dee65b1a8045682b753c6e952e84f corporate/4.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.src.rpm\n 3891c87832bbe8586a5a89635d17aac4 corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 813367131571fd2de6015d97fcdbd96c corporate/4.0/x86_64/lib64nspr4-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n bd8eac475b3e616d7727f78870838e2a corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 262c97f8a4a11b4e1d05a3c79106920b corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 4eb7982644b66cdb045c941e96f0ba6b corporate/4.0/x86_64/lib64nss3-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n e447d521d2cadf03456b6cf47f204e27 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 870e49d6e0a0e8d328ea8588968377d4 corporate/4.0/x86_64/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n fe479bec573c685eb5a524d43e034e4b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n e3b17bdb5a04725d06feb9eaaed5bb13 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 81141ec8733b0b1ddb6a03683438da92 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 99cdba287d60a5fcbc725e6a1411c88c corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n e0f7a0e82af8c8494662d3fa19140e79 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 1f6bc24ee3bef8182d00ab4df69ec387 corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n b0f068ede8420a34af18c171a40aace4 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n c80d12106c9d5ae6d39d595bb7629a9c corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n f44b29e064accac25bbf1c75ec7cf872 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 46898ed5ce7833e13a14a204df199007 corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n f7fa4cf4d55ebad18a3f64ed8da661c3 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 136ab61e9aabbaea966f6b125924140b corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n a56c87ce3b17e6a050881fe8af67376a corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 2eae3fa8406ac770bba2ffd4e0f765d0 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 421b50805708b0d890b8029be9feeb3a corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n bb0f4306a08c3f07c06479300ac9c567 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n a2752a4d34292e1fdacf2e440387e28c corporate/4.0/x86_64/mozilla-firefox-gu_IN-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 4b462b990bb29314aa8180626dde2d8e corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 1e396247f146937bb355d781ed30028a corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 93a8f58e7cae5a88a408f344e56f8902 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 2c1b403e5617e1caec3e4c6a7263a23c corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 4b1842dc6355dac2a3dbadcf7b244cd5 corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 8612355da8a17943f31407e637fa89b2 corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 3ec1a46602a49430424a4830c7a4e14e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 5ca60240a7ff1dd097438d347cfd194d corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 7012d72f8d7382bf92bacfd52d5a16b3 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n dc805f1226cea17a507e8937232dae90 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n e30d1aa794d2992fd2ccd1f9b1ac7652 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n cdaff2ff2cec4e31720d5b422b3d9153 corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 7fabe48a3d3b30bfb0015cfa51a27e63 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n edeec031bcc3e355b1264004f89d240e corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 9fec0a083306fdbc113a12257cc700c4 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n b7f87f9b0172b016bf20a6d628c528d8 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 1ca27fa5f612d9e08090ea312b08cd39 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 449fcb7d04b8a863e873bb473b9c0f53 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 3433a53ecd5123499f9c58b88dc15c80 corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 70e009f2f21dd5a95f2a56a5c183f36e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n 53336d37c8f78fdf3bbea2f9c0ace96f corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.8-0.1.20060mlcs4.x86_64.rpm\n e9e5543570a71f0af3a1a4ea584a2721 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.8-0.1.20060mlcs4.x86_64.rpm \n ec0dee65b1a8045682b753c6e952e84f corporate/4.0/SRPMS/mozilla-firefox-1.5.0.8-0.1.20060mlcs4.src.rpm\n 3891c87832bbe8586a5a89635d17aac4 corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.8-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFU4rymqjQ0CJFipgRAhpNAJ9eoApPOTg7tYSCQ+sPHT7pAQ/a+gCfcIms\nmnmaHXjuuaXW/n2k7ghGaGE=\n=gsi7\n-----END PGP SIGNATURE-----\n\n. \n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-333A\n\n\nApple Releases Security Update to Address Multiple Vulnerabilities\n\n Original release date: November 29, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Apple Mac OS X version 10.3.x and 10.4.x\n * Apple Mac OS X Server version 10.3.x and 10.4.x\n * Apple Safari web browser\n\n These vulnerabilities affect both Intel-based and PowerPC-based Apple\n systems. \n\n\nOverview\n\n Apple has released Security Update 2006-007 to correct multiple\n vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web\n browser. Vulnerabilities in OpenSSL, gzip, and other products are also\n addressed. Attackers may take\n advantage of the less serious vulnerabilities to bypass security\n restrictions or cause a denial of service. \n\n\nI. Description\n\n Apple Security Update 2006-007 addresses a number of vulnerabilities\n affecting Mac OS X, OS X Server, Safari web browser, and other\n products. Further details are available in the related vulnerability\n notes. \n\n This security update also addresses previously known vulnerabilities\n in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL\n vulnerabilities page. Information about the vulnerabilities in gzip is\n available in a series of vulnerability notes. \n\n\nII. Impact\n\n The impacts of these vulnerabilities vary. For specific details, see\n the appropriate vulnerability notes. Potential consequences include\n remote execution of arbitrary code or commands, bypass of security\n restrictions, and denial of service. \n\n\nIII. Solution\n\nInstall updates\n\n Install Apple Security Update 2006-007. \n\n\nIV. References\n\n * Vulnerability Notes for Apple Security Update 2006-007 -\n \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e\n\n * Vulnerability Notes for OpenSSL Security Advisory [28th September\n 2006] -\n\u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e\n\n * Vulnerability Note VU#845620 -\n \u003chttp://www.kb.cert.org/vuls/id/845620\u003e\n\n * Vulnerability Note VU#933712 -\n \u003chttp://www.kb.cert.org/vuls/id/933712\u003e\n\n * Vulnerability Note VU#381508 -\n \u003chttp://www.kb.cert.org/vuls/id/381508\u003e\n\n * Vulnerability Note VU#554780 -\n \u003chttp://www.kb.cert.org/vuls/id/554780\u003e\n\n * Vulnerability Note VU#596848 -\n \u003chttp://www.kb.cert.org/vuls/id/596848\u003e\n\n * Vulnerability Note VU#773548 -\n \u003chttp://www.kb.cert.org/vuls/id/773548\u003e\n\n * About the security content of Security Update 2006-007 -\n \u003chttp://docs.info.apple.com/article.html?artnum=304829\u003e\n\n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n\n * Apple Downloads - \u003chttp://www.apple.com/support/downloads/\u003e\n\n * OpenSSL: OpenSSL vulnerabilities -\n \u003chttp://www.openssl.org/news/vulnerabilities.html\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-333A.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-333A Feedback VU#191336\" in the\n subject. \n _________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n\n _________________________________________________________________\n\n Revision History\n\n November 29, 2006: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6\nlJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz\niN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7\nxr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf\n8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q\nA580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==\n=f7N+\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1224-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nDecember 3rd, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-4310 CVE-2006-5462 CVE-2006-5463 CVE-2006-5464 CVE-2006-5748\nCERT advisories: VU#335392 VU#390480 VU#495288 VU#714496 \nBugTraq IDs : 19678 20957\n\nSeveral security related problems have been discovered in Mozilla and\nderived products. The Common Vulnerabilities and Exposures project\nidentifies the following vulnerabilities:\n\nCVE-2006-4310\n\n Tomas Kempinsky discovered that malformed FTP server responses\n could lead to denial of service. \n\nCVE-2006-5462\n\n Ulrich K\\xfchn discovered that the correction for a cryptographic\n flaw in the handling of PKCS-1 certificates was incomplete, which\n allows the forgery of certificates. \n\nCVE-2006-5463\n\n \"shutdown\" discovered that modification of JavaScript objects\n during execution could lead to the execution of arbitrary\n JavaScript bytecode. \n\nCVE-2006-5748\n\n Igor Bukanov and Jesse Ruderman discovered several crashes in the\n JavaScript engine, which might allow execution of arbitrary code. \n\nThis update also adresses several crashes, which could be triggered by\nmalicious websites and fixes a regression introduced in the previous\nMozilla update. \n\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.7.8-1sarge8. \n\nWe recommend that you upgrade your mozilla package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.dsc\n Size/MD5 checksum: 1124 a6f4c7ddbcb0d9126d4e0a81fda4059a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.diff.gz\n Size/MD5 checksum: 574770 77a056d9582389d1a31de1136dd7a0a2\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz\n Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 168064 33104218442c9bd7b113df794afdefe0\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 148564 be8d4aeb7da1d0a7e7524096cefee038\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 184948 f831a7dd089c599c695ab540720be912\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 858396 bd636d8d59d54016d4051ae37fbf0455\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 1034 bb3c11032fe99445e2831485155f9bec\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 11494648 a1029b5935bf687048b0a8156fb3910c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 403290 ade408aef33a53453263a2a83cf96524\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 158332 ccdc52d9b79b5359e18ef4f8e39ae068\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 3358886 c86ce3ccec680c80730cf046560d1cc8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 122288 91187d98388e73f4ca5aa93314a23d78\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 204152 405074b924c7ec7450da6cc623a2d6f9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 1937184 a527be2c3bb0991c25b1388b17f36509\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_alpha.deb\n Size/MD5 checksum: 212628 6c21078c7b3676273f1224c7028e4f63\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 168068 44912cded148a15690602d83b05517c4\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 147682 56dd565ea350862e6c512562929d6beb\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 184956 1f2c8bb99907df91c3d0f7800d77461d\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 716604 df8853c93a3f8688efc458929802087a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 1036 2691304128a390fa0d0ddd06e5c014fd\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 10958880 c7c04de71bd68b738f13c187a88b4ab1\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 403272 6f5cba2fcd9f28e58e1a46ce9fe2034d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 158328 ffd9e0136af049212c7668080b1590ba\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 3352912 accc3e9736aa0758d131cdf459e2be49\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 121194 cbf6ac02a99d7fb7a64cc29b07433c82\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 204156 ed48ca294a99e3e18eed491119c0d5ea\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 1936052 c051bd4fe32d5d0225f3eae41b01af61\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_amd64.deb\n Size/MD5 checksum: 204454 e52b74e973244cdc91030148777b2607\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 168078 056a33d7d2c0d1ddec9dc82bc10fa91b\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 126062 279c0b2b4672b68c99414f2864d48c8e\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 184962 d3b634a995bcb30e328c4bc23db47742\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 633928 2021be577fc4731afad9fb85f10b900e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 1036 a6a62863932baa16457b8957f191dc8c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 9221058 38cf4492787382ca6f092f8b8996c29d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 403328 db6d998bf24a01bc40e8958c18b8354a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 158342 5851791133fe390520c0dc627cf0e5bb\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 3342584 471aee590010373272675eb6dc51bf9b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 112668 3a2b8d1d473e4801a0e90f0e6e20d173\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 204162 6679a330049947996fd1649ee9015238\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 1604480 9ce39476d103f3d42cb500853c5f24d8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_arm.deb\n Size/MD5 checksum: 169002 02c81d7993667ef81be7c602681e96f0\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 168076 906aae615cfccc867128dfe39ac510bc\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 158584 e4d74474057887b6cb2852f4e4b01c74\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 184956 5551d423e4375da8fb4f9c16dd6a3f3b\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 756664 d2a92775acd425551d1804c23eae7bdf\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 1038 7e88d25552135eb7f79a2fd2c6bd2b22\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 12177466 14304d3394a221c2aa7bc531af9b591b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 403286 f98a9ce0ae8980625c282f80523f0bc7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 158338 c384d2a4f962d0b9820a5ba28cd1218c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 3359316 77e7f6cfee145742ae2e13f24ec27def\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 123522 69dbc3a82863990e7ca431b7f6a29b61\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 204160 34b097e3f1e4a08af78541d3a12271e7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 2135234 33d7b6fbf3a170104167b5403fc3f794\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_hppa.deb\n Size/MD5 checksum: 216448 fb8e5b76a683c26e1c3ced60acbb23b2\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 168078 fead516428ff54afba8fb9ffeb6107b7\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 138378 89380d80fe8f7e985a9307a9a677bc3e\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 184968 0abd8dfb25de28cb50c5e58648a0ff3a\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 662194 a2f137e0d9c3c8a936a7ef1393de2955\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 1036 fd2f5c0d987df8a32ab9818ff0a2d968\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 10315404 db2f25cbb471e5387de1aeef7e176f7e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 403286 b3bf4d34d9a51f3f1708b06c70901cf3\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 158358 fde8eec72729840210de689b2a343a51\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 3348734 081bfa3f5e9b81894f5a147ec05298ab\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 116236 5bb8e35c9cf6bcf73572e1307d4e036f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 204172 bb709199707869539300ae4ace073983\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 1811294 790f8577dc06fc90034945919a949ac7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_i386.deb\n Size/MD5 checksum: 192634 592adc759e44972dacdc85ebe1296a63\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 168060 3ee0a67cfc308f6d7b0f9343a63f02fb\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 176012 62b50ac23c369004b18620238da294dd\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 184936 443ef5c72a5fd2b92028468433fdc2da\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 968864 f4e5406c1a7abe968b52cccfd4ba3041\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 1032 682087a412c08bbc251fe22e56a0dd6d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 12966514 05ed823dbd6c55fd456f03f63aefb7e3\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 403270 03b53aaf2cd12b98d1e3f6f8a8d7dbea\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 158318 ee4f77127d14a091d8730fbcb7cab219\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 3378656 76bc26292ee2482e3b7f18b807357898\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 125584 372e14fa5d4a23a4df7f4b393f66bc3a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 204148 030a13e33c394393c22cbbe03a5fd7b7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 2302326 2045f4c0ded45041ede24f2fe8316f25\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_ia64.deb\n Size/MD5 checksum: 242940 92b1755ece7f86361e2467ecbe8a0b98\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 168086 d72a577c1f74c1e64183625c6afbb356\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 127678 38a811b392550848806b4ea82b3786d9\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 184978 37b8d8c26f1e913bcc0676351655fbd9\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 601900 70ae4f03be4fb2a05589149a565184f4\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 1044 843ae71e0612517ec6d037f0157bcc6a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 9716824 1976d754f162f52fada5c6ae709a63df\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 403350 9299ef454121636429cd58ce4648de74\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 158384 8f5d9c08ce9ee22a7a523ab12d0339a1\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 3337078 7c2763fc5d1399ba0f6de5e60c487a9f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 114460 847321a189d09a37590931b7bdaa12b8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 204188 0acd1202b74153c09e96dc03c82f858c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 1683182 6fce1b70bc59f24fcaf9204ed8045a0e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_m68k.deb\n Size/MD5 checksum: 175004 ba9f9d625b54cb3b8338f353eb591d63\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 168066 40951a292610d572fb32bc9a08e3d716\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 142540 467f786d8c69106d6bf52c4ff0f147df\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 184948 90d54a6da32f70c55e562ba0908bb615\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 727612 bef2fa46727d30564df686f3bec97b4c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 1036 3f24cf20cf983e887def6ab4e83d313f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 10739450 81c0c801442b91873e351e6469cd626d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 403256 7dea9f93c79476d6c4a08e7da9749d71\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 158328 6ff36aad6504f5156e2cdc4e4e6990fa\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 3358884 7dc0ffad84ddf4ff45ed019f856ddde8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 117622 63931cee65d76f9c7810110fffd591b7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 204148 64b3b20a437d605742e300d41cdbf251\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 1795510 92e0f045d8bf37b1ea6d90e84480d40c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mips.deb\n Size/MD5 checksum: 190118 debdc2467236eec1f5ca49bc8ddac2c9\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 168074 cf9f50671782c08500d3c2d29f93ef9e\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 142492 b7b2127fa138bd01dc1c7b4fb4dc1638\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 184942 4a26b1d61ac0daf627f2e7cb8797db82\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 717068 0b935bf6dca82a129f2c678b6069b928\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 1040 69af0bb34af5f881b501bd829b4364bf\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 10620284 93085f80cc02f554bf3d7e1e0d39c176\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 403274 526ced11500a8d0c08044786255199df\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 158340 7b6d7ee717b0bf427bbb469b05908f38\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 3359422 a710eb88d086ddd2f41f1c0f9a1582c6\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 117206 6f80a50306eb573deaa8052ef7b953c4\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 204160 182f59bc3a66185d5d99f4f4b892bf0d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 1777592 0bef8a8191417e642e11a87b95cbff28\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mipsel.deb\n Size/MD5 checksum: 187610 15e1ba2286e45ea4de8bd10e1043b4ae\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 168068 4afc44e689523284f6596c49a0c57c04\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 132968 c7f1bc15d01ace3a8544dd8ac09c4f5f\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 184954 69dd645183560089b4f0b079b14ff7ba\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 720814 b919244b4647539e92ac8496175e5ec9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 1030 c93abd84beb9d1b5df1f393dcb742e4d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 9712666 01692a2bb19b64406bcdecdf43fd6921\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 403274 c84c30bab18ab3337cf7c995f1bd235e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 158332 e356212dd93e1bd4762f0350461bc0d8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 3341184 51eac899e26a44b28ca9304f7de58bad\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 114586 582bec3e96ed89fb2b66d127135c2d99\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 204154 cfcef824bc6d730f8749e92626377512\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 1643132 05d2aae54574a7440b11e3d1683b4491\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_powerpc.deb\n Size/MD5 checksum: 175800 b9c2d4010924375ae96697b5c85a2886\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 168068 49233d2e9ce43df4702d355bbe0a1405\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 158304 a8cdc38cb9ac827b54c646b8b5c2b2e7\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 184938 4f7852977d08f31cfad5e8c352946426\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 801008 abfe303f9e48e5341c81a9622c0f9f1c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 1032 35f2fdd96e584c9afbda26d3395ef78f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 11340612 0a8315780402713a6f25f3bb068b9593\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 403268 f4d3465aae90c369a0f4b0000f9b76f9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 158330 01c26b88dbf2a25b4520e484a324267e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 3353508 2d8ca556688100796c7b66b65f509246\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 121340 1c28f9aa34ab20b8c9b87b6a484f29c0\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 204142 e2c4c8c3b721f3560390c86f8a8e4f42\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 1944770 525714424a1fa0131327ced0961987c9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_s390.deb\n Size/MD5 checksum: 213646 31a3c2bc95b020fa1a4104cdb24f51cf\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 168070 ec1b9711bc09abaf87a1e8caeac523a9\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 130234 a57dbc4e7d4fb4a7269dce9063b848d9\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 184964 f6d4813d577feef2530f5993e4dc5464\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 674592 5634a5745abfd58cec63f3615b9a7e0e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 1036 222687822a8e79b3407dd3edec552b19\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 9385078 1e10244c49ded27051ea0eeef38508f5\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 403290 fe2140858be3ef7e5b732dc9d98f5f40\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 158338 5703ab5f69f23b9deccc705bf97bfe16\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 3342206 18dd2adf74fc28147f85cc55d4bafc25\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 112520 0d19cd564f1c80ce919f85da844fe535\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 204166 6caff56854b59671710aace6b683bcc2\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 1583766 3366a381ab996886b6924e1d12ad0bc7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_sparc.deb\n Size/MD5 checksum: 168196 2fc28554dfb6e322e354ccbdff26fb50\n\n\n These files will probably be moved into the stable distribution on\n its next update. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200612-07\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Mozilla Firefox: Multiple vulnerabilities\n Date: December 10, 2006\n Bugs: #154434\n ID: 200612-07\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Mozilla Firefox. \n\nBackground\n==========\n\nMozilla Firefox is a popular open-source web browser from the Mozilla\nProject. \n -------------------------------------------------------------------\n\nDescription\n===========\n\nMozilla Firefox improperly handles Script objects while they are being\nexecuted. Mozilla Firefox has also been found to be vulnerable to\nvarious possible buffer overflows. Lastly, the binary release of\nMozilla Firefox is vulnerable to a low exponent RSA signature forgery\nissue because it is bundled with a vulnerable version of NSS. \n\nImpact\n======\n\nAn attacker could entice a user to view specially crafted JavaScript\nand execute arbitrary code with the rights of the user running Mozilla\nFirefox. It is also possible for an attacker to make up SSL/TLS\ncertificates that would not be detected as invalid by the binary\nrelease of Mozilla Firefox, raising the possibility for\nMan-in-the-Middle attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/mozilla-firefox-1.5.0.8\"\n\nAll Mozilla Firefox binary release users should upgrade to the latest\nversion:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/mozilla-firefox-bin-1.5.0.8\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5462\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462\n [ 2 ] CVE-2006-5463\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463\n [ 3 ] CVE-2006-5464\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464\n [ 4 ] CVE-2006-5747\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747\n [ 5 ] CVE-2006-5748\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200612-07.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5462"
},
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "52927"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "51979"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "52758"
},
{
"db": "PACKETSTORM",
"id": "52926"
}
],
"trust": 5.4
},
"external_ids": {
"_id": null,
"data": [
{
"db": "SECUNIA",
"id": "22722",
"trust": 3.2
},
{
"db": "CERT/CC",
"id": "VU#335392",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2006-5462",
"trust": 3.2
},
{
"db": "SECUNIA",
"id": "23009",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "23013",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22727",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "23883",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22763",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22929",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22815",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22770",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22980",
"trust": 2.4
},
{
"db": "USCERT",
"id": "TA06-312A",
"trust": 2.4
},
{
"db": "BID",
"id": "22083",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2008-0083",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-0293",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-1198",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-4387",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23263",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "24711",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23202",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23297",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23197",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22817",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22737",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23235",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23287",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22965",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1017182",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1017180",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1017181",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 1.2
},
{
"db": "BID",
"id": "19849",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#773548",
"trust": 1.0
},
{
"db": "AUSCERT",
"id": "ESB-2007.0014",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-312A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761",
"trust": 0.8
},
{
"db": "DEBIAN",
"id": "DSA-1224",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1225",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1227",
"trust": 0.6
},
{
"db": "XF",
"id": "30098",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0734",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0735",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0733",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:206",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:205",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA06-312A",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-382-1",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-381-1",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200612-06",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200612-08",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200612-07",
"trust": 0.6
},
{
"db": "HP",
"id": "SSRT061181",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2006:068",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "102781",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "CERT/CC",
"id": "VU#554780",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#933712",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#596848",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#381508",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "21996",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "50178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51980",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51979",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52708",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52926",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "52927"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "51979"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "52758"
},
{
"db": "PACKETSTORM",
"id": "52926"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"id": "VAR-200110-0176",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2026-03-09T23:21:33.133000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
},
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00774579"
},
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02153.html"
},
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02156.html"
},
{
"title": "firefox",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=476"
},
{
"title": "seamonkey (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=984"
},
{
"title": "mfsa2006-66",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"title": "mfsa2006-66",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2006/mfsa2006-66.html"
},
{
"title": "RHSA-2006:0733",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0733.html"
},
{
"title": "RHSA-2006:0734",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0734.html"
},
{
"title": "RHSA-2006:0735",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0735.html"
},
{
"title": "102781",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"title": "TLSA-2006-43",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-43.txt"
},
{
"title": "RHSA-2006:0733",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0733J.html"
},
{
"title": "RHSA-2006:0734",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0734J.html"
},
{
"title": "RHSA-2006:0735",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0735J.html"
},
{
"title": "TLSA-2006-43",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-43j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.9,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 2.7,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-312a.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/335392"
},
{
"trust": 1.9,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200612-08.xml"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200612-07.xml"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22722/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.6,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=356215"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22770"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22722"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1017182"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1017181"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1017180"
},
{
"trust": 1.6,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-382-1"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-381-1"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2006_68_mozilla.html"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:206"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:205"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2006/dsa-1227"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2006/dsa-1225"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2006/dsa-1224"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"trust": 1.6,
"url": "http://security.gentoo.org/glsa/glsa-200612-06.xml"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24711"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23883"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23297"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23287"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23263"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23235"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23202"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23197"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23013"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23009"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22980"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22965"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22929"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22817"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22815"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22763"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22737"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22727"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2006/4387"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 1.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4387"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0293"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1198"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-p"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10478"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30098"
},
{
"trust": 0.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=356215 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22929/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22980/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23013/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22763/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23009/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22815/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22727/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22770/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23883/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 0.8,
"url": "http://www.gzip.org/"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/7179"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-5462"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-312a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-312a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-5462"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-312a.html"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/30098"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0083"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1198"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0293"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3748"
},
{
"trust": 0.6,
"url": "http://rhn.redha"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5464"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5462"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5463"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5747"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5748"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5464"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5748"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5462"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5463"
},
{
"trust": 0.2,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5747"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-67.html"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-65.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4220/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21996/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/845620\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/vulnerabilities.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#safari\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4310"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_hppa.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "52927"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "51979"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "52758"
},
{
"db": "PACKETSTORM",
"id": "52926"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#335392",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#773548",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"db": "BID",
"id": "19849",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "52927",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "51980",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "51979",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "52708",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "52758",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "52926",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-5462",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#335392",
"ident": null
},
{
"date": "2006-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#773548",
"ident": null
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849",
"ident": null
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50178",
"ident": null
},
{
"date": "2006-12-11T16:03:46",
"db": "PACKETSTORM",
"id": "52927",
"ident": null
},
{
"date": "2006-11-13T16:04:12",
"db": "PACKETSTORM",
"id": "51980",
"ident": null
},
{
"date": "2006-11-13T16:03:25",
"db": "PACKETSTORM",
"id": "51979",
"ident": null
},
{
"date": "2006-12-06T02:47:36",
"db": "PACKETSTORM",
"id": "52708",
"ident": null
},
{
"date": "2006-12-06T05:18:55",
"db": "PACKETSTORM",
"id": "52758",
"ident": null
},
{
"date": "2006-12-11T16:03:24",
"db": "PACKETSTORM",
"id": "52926",
"ident": null
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-148",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000761",
"ident": null
},
{
"date": "2006-11-08T21:07:00",
"db": "NVD",
"id": "CVE-2006-5462",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2007-01-23T00:00:00",
"db": "CERT/CC",
"id": "VU#335392",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#773548",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849",
"ident": null
},
{
"date": "2006-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-148",
"ident": null
},
{
"date": "2007-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000761",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-5462",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "The Mozilla Network Security Services library fails to properly verify RSA signatures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-148"
}
],
"trust": 0.9
}
}
VAR-200110-0206
Vulnerability from variot - Updated: 2026-03-09 23:10The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. OpenSSL is prone to a denial-of-service vulnerability. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"_id": null,
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"_id": null,
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"_id": null,
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"_id": null,
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"_id": null,
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"_id": null,
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"_id": null,
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"_id": null,
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"_id": null,
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"_id": null,
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"_id": null,
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"_id": null,
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"_id": null,
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"_id": null,
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"_id": null,
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"_id": null,
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"_id": null,
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"_id": null,
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"_id": null,
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"_id": null,
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"_id": null,
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"_id": null,
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"_id": null,
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"_id": null,
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"_id": null,
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"_id": null,
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"_id": null,
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"_id": null,
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"_id": null,
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"_id": null,
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"_id": null,
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"credits": {
"_id": null,
"data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4343",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"_id": null,
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. OpenSSL is prone to a denial-of-service vulnerability. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 4.41
},
"external_ids": {
"_id": null,
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 2.5
},
{
"db": "BID",
"id": "20246",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0206",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2026-03-09T23:10:59.953000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"db": "BID",
"id": "20246",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169663",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50595",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50543",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "53566",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "64684",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50535",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50560",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "53990",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "101257",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58346",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "51324",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50548",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246",
"ident": null
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663",
"ident": null
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595",
"ident": null
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543",
"ident": null
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566",
"ident": null
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684",
"ident": null
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535",
"ident": null
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560",
"ident": null
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990",
"ident": null
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257",
"ident": null
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346",
"ident": null
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324",
"ident": null
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548",
"ident": null
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-4343",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
}
}
VAR-201801-1712
Vulnerability from variot - Updated: 2026-03-09 22:55Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \"melts\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \"cross-border\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Xeon CPU E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4 ; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc.
In this update mitigations for x86-64 architecture are provided. Relevant releases/architectures:
RHEL 7-based RHEV-H ELS - noarch RHEV Hypervisor for RHEL-6 ELS - noarch
- The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. (CVE-2017-5754)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: linux-image-4.4.0-1011-aws 4.4.0-1011.11 linux-image-4.4.0-111-generic 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-lowlatency 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc-e500mc 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc-smp 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc64-emb 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc64-smp 4.4.0-111.134~14.04.1 linux-image-aws 4.4.0.1011.11 linux-image-generic-lts-xenial 4.4.0.111.95 linux-image-lowlatency-lts-xenial 4.4.0.111.95 linux-image-powerpc-e500mc-lts-xenial 4.4.0.111.95 linux-image-powerpc-smp-lts-xenial 4.4.0.111.95 linux-image-powerpc64-emb-lts-xenial 4.4.0.111.95 linux-image-powerpc64-smp-lts-xenial 4.4.0.111.95
Please note that fully mitigating CVE-2017-5715 (Spectre Variant 2) requires corresponding processor microcode/firmware updates or, in virtual environments, hypervisor updates. Ubuntu is working with Intel and AMD to provide future microcode updates that implement IBRS and IBPB as they are made available. Ubuntu users with a processor from a different vendor should contact the vendor to identify necessary firmware updates. Ubuntu will provide corresponding QEMU updates in the future for users of self-hosted virtual environments in coordination with upstream QEMU. Ubuntu users in cloud environments should contact the cloud provider to confirm that the hypervisor has been updated to expose the new CPU features to virtual machines. 5.9 server) - i386, ia64, noarch, x86_64
Bug Fix(es):
-
Previously, the page table isolation feature was able to modify the kernel Page Global Directory (PGD) entries with the _NX bit even for CPUs without the capability to use the "no execute" (NX) bit technology. Consequently, the page tables got corrupted, and the kernel panicked at the first page-fault occurrence. This update adds the check of CPU capabilities before modifying kernel PGD entries with _NX. As a result, the operating system no longer panics on boot due to corrupted page tables under the described circumstances. (BZ#1538169)
-
When booting the operating system with the Kernel Page Table Isolation option enabled, the HPET VSYSCALL shadow mapping was not placed correctly. Consequently, the High Precision Event Timer (HPET) feature was not available early enough, and warnings on boot time occurred. This update fixes the placement of HPET VSYSCALL, and the warnings on boot time due to this behavior no longer occur. (BZ#1541281)
-
Previously, the routine preparing the kexec crashkernel area did not properly clear the page allocated to be kexec's Page Global Directory (PGD). Consequently, the page table isolation shadow mapping routines failed with a warning message when setting up page table entries. With this update, the underlying source code has been fixed to clear the kexec PGD allocated page before setting up its page table entries. As a result, warnings are no longer issued when setting up kexec. (BZ#1541285)
-
When changing a kernel page mapping from Read Only (RO) to Read Write (RW), the Translation Lookaside Buffer (TLB) entry was previously not updated. Consequently, a protection fault on a write operation occurred, which led to a kernel panic. With this update, the underlying source code has been fixed to handle such kind of fault properly, and the kernel no longer panics in the described situation. (BZ#1541892)
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 7.3) - ppc64, ppc64le, x86_64
Bug Fix(es):
-
When attempting to reread parent blocks in btree traversal, the xfs code which deletes extended attributes from an inode assumed that the parent blocks were still on the cache. Under memory pressure and memory reclaim, such parent blocks were sometimes removed from the cache. Consequently, attempts to reread previously cached parent blocks caused the file system to read invalid memory. This update fixes xfs to reinitialize the pointer to the parent block buffers after the block has been reread. As a result, pointers to btree blocks now point to valid memory, and the kernel no longer crashes due to an invalid memory access. (BZ#1512811)
-
The write access check for huge pages did not function correctly on IBM z Systems. Consequently, if asynchronous I/O reads were used, buffers sometimes contained zeroes rather than data from a file, even when the io_getevents() system call reported that the associated read had finished successfully. This update fixes the write access check in the gup_huge_pmd() function in memory management, and read data is stored in asynchronous I/O buffers properly. (BZ#1513315)
-
With this update, the rule for iptables reloading has been optimized to complete faster. (BZ#1514040)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:0151-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0151 Issue date: 2018-01-25 CVE Names: CVE-2015-8539 CVE-2017-7472 CVE-2017-12192 CVE-2017-12193 CVE-2017-15649 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.
In this update initial mitigations for IBM Power (PowerPC) and IBM zSeries (S390) architectures are provided.
-
Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 processors. (CVE-2017-5715, Important)
-
Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 and PowerPC processors. (CVE-2017-5753, Important)
-
Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. This fix specifically addresses PowerPC processors. (CVE-2017-5754, Important)
Red Hat would like to thank Google Project Zero for reporting CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754.
This update also fixes the following security issues and bugs:
Space precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/articles/3327131.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1284450 - CVE-2015-8539 kernel: local privesc in key management 1442086 - CVE-2017-7472 kernel: keyctl_set_reqkey_keyring() leaks thread keyrings 1493435 - CVE-2017-12192 kernel: NULL pointer dereference due to KEYCTL_READ on negative key 1501215 - CVE-2017-12193 kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation 1504574 - CVE-2017-15649 kernel: Use-after-free in the af_packet.c 1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-693.17.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-693.17.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-693.17.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm
ppc64: kernel-3.10.0-693.17.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-693.17.1.el7.ppc64.rpm kernel-debug-3.10.0-693.17.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm kernel-devel-3.10.0-693.17.1.el7.ppc64.rpm kernel-headers-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.ppc64.rpm perf-3.10.0-693.17.1.el7.ppc64.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm python-perf-3.10.0-693.17.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm
ppc64le: kernel-3.10.0-693.17.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.17.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.17.1.el7.ppc64le.rpm perf-3.10.0-693.17.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm python-perf-3.10.0-693.17.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm
s390x: kernel-3.10.0-693.17.1.el7.s390x.rpm kernel-debug-3.10.0-693.17.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.s390x.rpm kernel-debug-devel-3.10.0-693.17.1.el7.s390x.rpm kernel-debuginfo-3.10.0-693.17.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-693.17.1.el7.s390x.rpm kernel-devel-3.10.0-693.17.1.el7.s390x.rpm kernel-headers-3.10.0-693.17.1.el7.s390x.rpm kernel-kdump-3.10.0-693.17.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-693.17.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-693.17.1.el7.s390x.rpm perf-3.10.0-693.17.1.el7.s390x.rpm perf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm python-perf-3.10.0-693.17.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm
x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-693.17.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-8539 https://access.redhat.com/security/cve/CVE-2017-7472 https://access.redhat.com/security/cve/CVE-2017-12192 https://access.redhat.com/security/cve/CVE-2017-12193 https://access.redhat.com/security/cve/CVE-2017-15649 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5753 https://access.redhat.com/security/cve/CVE-2017-5715 https://access.redhat.com/security/cve/CVE-2017-5754 https://access.redhat.com/articles/3327131
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFaab47XlSAg2UNWIIRAgi2AKDDW6z/9di3aoNQMX6PaIOzYTu39gCgncrF n+VQu/CVEmiUW8aXZCnplaM= =Km2i -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures:
Image Updates for RHV-H - noarch Management Agent for RHEL 7 Hosts - noarch
- The appliance is available to download as an OVA file from the Customer Portal. ========================================================================== Kernel Live Patch Security Notice 0046-1 December 20, 2018
linux vulnerability
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |
Summary:
Several security issues were fixed in the kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710)
It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10902)
It was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)
Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2018-14734)
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10880)
Kanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)
It was discovered that an integer overflow existed in the HID Bluetooth implementation in the Linux kernel that could lead to a buffer overwrite. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5753)
It was discovered that the YUREX USB device driver for the Linux kernel did not properly restrict user space reads or writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16276)
It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-16658)
Update instructions:
The problem can be corrected by updating your livepatches to the following versions:
| Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-133.159 | 46.3 | generic, lowlatency | | 4.4.0-133.159~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-134.160 | 46.3 | generic, lowlatency | | 4.4.0-134.160~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-135.161~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-137.163 | 46.3 | generic, lowlatency | | 4.4.0-137.163~14.04.1 | 46.3 | generic, lowlatency | | 4.4.0-138.164 | 46.3 | generic, lowlatency | | 4.4.0-138.164~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-139.165 | 46.3 | generic, lowlatency | | 4.4.0-139.165~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-140.166 | 46.3 | lowlatency, generic | | 4.4.0-140.166~14.04.1 | 46.3 | lowlatency, generic | | 4.15.0-32.35 | 46.3 | lowlatency, generic | | 4.15.0-33.36 | 46.3 | lowlatency, generic | | 4.15.0-34.37 | 46.3 | generic, lowlatency | | 4.15.0-36.39 | 46.3 | generic, lowlatency | | 4.15.0-38.41 | 46.3 | lowlatency, generic | | 4.15.0-39.42 | 46.3 | generic, lowlatency | | 4.15.0-42.45 | 46.3 | lowlatency, generic |
References: CVE-2018-18710, CVE-2018-10902, CVE-2018-18445, CVE-2018-14734, CVE-2018-10880, CVE-2018-18690, CVE-2018-9363, CVE-2017-5753, CVE-2018-16276, CVE-2018-16658
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03805en_us Version: 7
HPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2018-01-23 Last Updated: 2018-01-22
Potential Security Impact: Local: Disclosure of Information, Elevation of Privilege
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE.
Note:
- This issue takes advantage of techniques commonly used in many modern processor architectures.
-
For further information, microprocessor vendors have provided security advisories:
References:
- CVE-2017-5715 - aka Spectre, branch target injection
- CVE-2017-5753 - aka Spectre, bounds check bypass
- CVE-2017-5754 - aka Meltdown, rogue data cache load, memory access permission check performed after kernel memory read
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HPE ProLiant DL380 Gen10 Server - To be delivered
- HPE ProLiant DL180 Gen10 Server - To be delivered
- HPE ProLiant DL160 Gen10 Server - To be delivered
- HPE ProLiant DL360 Gen10 Server - To be delivered
- HPE ProLiant ML110 Gen10 Server - To be delivered
- HPE ProLiant DL580 Gen10 Server - To be delivered
- HPE ProLiant DL560 Gen10 Server - To be delivered
- HPE ProLiant DL120 Gen10 Server - To be delivered
- HPE ProLiant ML350 Gen10 Server - To be delivered
- HPE ProLiant XL450 Gen10 Server - To be delivered
- HPE Synergy 660 Gen10 Compute Module - To be delivered
- HPE ProLiant DL385 Gen10 Server - prior to v1.04
- HPE ProLiant XL170r Gen10 Server - To be delivered
- HPE ProLiant BL460c Gen10 Server Blade - To be delivered
- HPE ProLiant XL190r Gen10 Server - To be delivered
- HPE ProLiant XL230k Gen10 Server - To be delivered
- HPE Synergy 480 Gen10 Compute Module - To be delivered
- HPE ProLiant XL730f Gen9 Server - To be delivered
- HPE ProLiant XL230a Gen9 Server - To be delivered
- HPE ProLiant XL740f Gen9 Server - To be delivered
- HPE ProLiant XL750f Gen9 Server - To be delivered
- HPE ProLiant XL170r Gen9 Server - To be delivered
- HP ProLiant DL60 Gen9 Server - To be delivered
- HP ProLiant DL160 Gen9 Server - To be delivered
- HPE ProLiant DL360 Gen9 Server - To be delivered
- HP ProLiant DL380 Gen9 Server - To be delivered
- HPE ProLiant XL450 Gen9 Server - To be delivered
- HPE Apollo 4200 Gen9 Server - To be delivered
- HP ProLiant BL460c Gen9 Server Blade - To be delivered
- HP ProLiant ML110 Gen9 Server - To be delivered
- HP ProLiant ML150 Gen9 Server - To be delivered
- HPE ProLiant ML350 Gen9 Server - To be delivered
- HP ProLiant DL120 Gen9 Server - To be delivered
- HPE ProLiant DL560 Gen9 Server - To be delivered
- HP ProLiant BL660c Gen9 Server - To be delivered
- HPE ProLiant ML30 Gen9 Server - To be delivered
- HPE ProLiant XL170r Gen10 Server - To be delivered
- HPE ProLiant DL20 Gen9 Server - To be delivered
- HPE Synergy 660 Gen9 Compute Module - To be delivered
- HPE Synergy 480 Gen9 Compute Module - To be delivered
- HPE ProLiant XL250a Gen9 Server - To be delivered
- HPE ProLiant XL190r Gen9 Server - To be delivered
- HP ProLiant DL80 Gen9 Server - To be delivered
- HPE ProLiant DL180 Gen9 Server - To be delivered
- HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - To be delivered
- HPE ProLiant WS460c Gen9 Workstation - To be delivered
- HPE ProLiant XL260a Gen9 Server - To be delivered
- HPE Synergy 620 Gen9 Compute Module - To be delivered
- HPE ProLiant DL580 Gen9 Server - To be delivered
- HP ProLiant XL220a Gen8 v2 Server - To be delivered
- HPE Synergy 680 Gen9 Compute Module - To be delivered
- HPE ProLiant m510 Server Cartridge - To be delivered
- HPE ProLiant m710p Server Cartridge - To be delivered
- HPE ProLiant m710x Server Cartridge - To be delivered
- HP ProLiant m710 Server Cartridge - To be delivered
- HP ProLiant DL980 G7 Server - To be delivered
- HPE Synergy Composer - To be delivered
- HPE ProLiant Thin Micro TM200 Server - To be delivered
- HPE ProLiant ML10 v2 Server - To be delivered
- HPE ProLiant m350 Server Cartridge - To be delivered
- HPE ProLiant m300 Server Cartridge - To be delivered
- HPE ProLiant MicroServer Gen8 - To be delivered
- HPE ProLiant ML310e Gen8 v2 Server - To be delivered
- HPE Superdome Flex Server - To be delivered
- HP 3PAR StoreServ File Controller - To be delivered - v3 impacted
- HPE StoreVirtual 3000 File Controller - To be delivered
- HPE StoreEasy 1450 Storage - To be delivered
- HPE StoreEasy 1550 Storage - To be delivered
- HPE StoreEasy 1650 Storage - To be delivered
- HPE StoreEasy 3850 Gateway Storage - To be delivered
- HPE StoreEasy 1850 Storage - To be delivered
- HP ConvergedSystem 700 - To be delivered
- HPE Converged Architecture 700 - To be delivered
- HP ProLiant DL580 Gen8 Server - To be delivered
- HPE Cloudline CL2100 Gen10 Server - To be delivered
- HPE Cloudline CL2200 Gen10 Server - To be delivered
- HPE Cloudline CL3150 G4 Server - To be delivered
- HPE Cloudline CL5200 G3 Server - To be delivered
- HPE Cloudline CL3100 G3 Server - To be delivered
- HPE Cloudline CL2100 G3 807S 8 SFF Configure-to-order Server - To be delivered
- HPE Cloudline CL2100 G3 407S 4 LFF Configure-to-order Server - To be delivered
- HPE Cloudline CL2100 G3 806R 8SFF Configure-to-order Server - To be delivered
- HPE Cloudline CL2200 G3 1211R 12 LFF Configure-to-order Server - To be delivered
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2017-5715
8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)
CVE-2017-5753
5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)
CVE-2017-5754
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Intel has now identified the root cause of these issues and determined that these microcodes may introduce reboots and other unpredictable system behavior. Due to the severity of the potential issues that may occur when using these microcodes, Intel is now recommending that customers discontinue their use. Additional information is available from Intels Security Exploit Newsroom here: https://newsroom.intel.com/press-kits/security-exploits-intel-products/ . HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions.
All System ROMs including impacted microcodes have been removed from the HPE Support Site. This impacts HPE ProLiant and Synergy Gen10, Gen9, and Gen8 v2 servers as well as HPE Superdome servers for which updated System ROMs had previously been made available. Intel is working on updated microcodes to address these issues, and HPE will validate updated System ROMs including these microcodes and make them available to our customers in the coming weeks.
Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.
-
HPE has provided a customer bulletin https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us with specific instructions to obtain the udpated sytem ROM
-
Note:
- CVE-2017-5715 (Variant 2) requires that the System ROM be updated and a vendor supplied operating system update be applied as well.
- For CVE-2017-5753, CVE-2017-5754 (Variants 1 and 3) require only updates of a vendor supplied operating system.
- HPE will continue to add additional products to the list.
HISTORY
Version:1 (rev.1) - 4 January 2018 Initial release
Version:2 (rev.2) - 5 January 2018 Added additional impacted products
Version:3 (rev.3) - 10 January 2018 Added more impacted products
Version:4 (rev.4) - 9 January 2018 Fixed product ID
Version:5 (rev.5) - 18 January 2018 Added additional impacted products
Version:6 (rev.6) - 19 January 2018 updated impacted product list
Version:7 (rev.7) - 23 January 2018 Marked impacted products with TBD for System ROM updates per Intel's guidance on microcode issues
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update
macOS High Sierra 10.13.2 Supplemental Update is now available and addresses the following:
Available for: macOS High Sierra 10.13.2 Description: macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61 for their assistance.
Installation note:
macOS High Sierra 10.13.2 Supplemental Update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpTsDUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZMSg// WW0oSMlU0KgLL1Fe6z2fCSXF06I/QMdUTFV3tt7Rwb49BfnhLstNb0hE/XRcX/fy IMTurdMlRwOqamrOC7LdSiBvCCeJqyfudEq52uqbFpYDLDK6D/RxUKagTJip+M5P 3KCrTt8qpFA2Ip8KzEmBeS3Of9GnNoGdfI7ir38dFrqCADuWYtd6bVxurcM/Uhs0 yjH38JPGyvRXvxM9Qy5wAezQM9oFN1Jlly79n+RX1d9vDpjfExhUV7n1JS9zTOXw Dy+bjYsXcrlzrmcSlHaRa4E4FTPVYWyLSZmEokoQmTbsIABHiPSc9s92CEEzd2LQ FiOyHgT+QWA3zyySjQ+InhSf17QRpUUIYkgTsZJhbcdLSHXW/2etHq6vh5z5wD92 +HfmKYGozUk6QH7TEApYmS71lKaAFRQscP7D0EGhi81YIlu6shqxZr/HnK2Q1FXJ I7yWXtsZq7BSvYu31uSc/YAr76VBgplETE0hnsPZRdRNiaJyNg6ForfDA7kn7t8W GIdJvjkZzG55fUpW1b/GqPxv8wSb/DDzlrJjb7yAffDyCRr4KGVT0lk2f1aBVYSY NVxrdDtGOEWfd/P+6bU0s5v09mFefCbhIqGTFrqEjrDifYz7nW6BhoBAK+I0cyQf U1316sNsG/gmTuOx7wO6sqyOkYyPGZzDI882U8un+n8= =r0HS -----END PGP SIGNATURE----- . The vulnerability could be exploited to Local Disclosure of Information.
References:
- CVE-2017-5753
- CVE-2017-5715
- CVE-2017-5754
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01, v3.02, v3.03
- HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
RESOLUTION
Micro Focus is actively working with its vendors to address any systems-level Spectre and Meltdown impacts.However, if you have immediate concerns or questions regarding CentOS and its approach to Spectre or Meltdown, please contact them directly. Please note that you will need to sign in using a Passport account.
3P = 3rd Party Software GN = Micro Focus General Software MU = Multi-Platform Software
System management and security procedures must be reviewed frequently to maintain system integrity. Micro Focus is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends that all users determine the applicability of this information to their individual situations and take appropriate action. Micro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, Micro Focus will not be responsible for any damages resulting from user's use or disregard of the information provided in this Security Bulletin. To the extent permitted by law, Micro Focus disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2017 EntIT Software LLC
Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. 6.6) - noarch, x86_64
3
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "xeon e5 2450l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5550"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340"
},
{
"_id": null,
"model": "vl2 ppc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "dl ppc15 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "virtual machine manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "6.2-23739"
},
{
"_id": null,
"model": "xeon e5 2430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "simatic itc2200 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v3"
},
{
"_id": null,
"model": "vl2 ppc12 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2677m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5509"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y57"
},
{
"_id": null,
"model": "xeon e3 1275 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110"
},
{
"_id": null,
"model": "xeon e3 1246 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "router manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "1.1.7-6941-1"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4108"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670qm"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2750"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210u"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585l_v5"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2300"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2760"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3830"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y32"
},
{
"_id": null,
"model": "local service management system",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "965"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650u"
},
{
"_id": null,
"model": "vl2 ppc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3958"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8894_v4"
},
{
"_id": null,
"model": "simatic itc1900 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.0"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940"
},
{
"_id": null,
"model": "xeon e5 2470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2657m"
},
{
"_id": null,
"model": "btc12",
"scope": "eq",
"trust": 1.0,
"vendor": "pepperl fuchs",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4308u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500te"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5200u"
},
{
"_id": null,
"model": "xeon e3 1230 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176f"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3455"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460s"
},
{
"_id": null,
"model": "xeon e3 1240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "diskstation manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "5.2"
},
{
"_id": null,
"model": "xeon e3 1505l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7230"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5010u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3010"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010y"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v2"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3445"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10c"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740d"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.3"
},
{
"_id": null,
"model": "xeon e3 1270 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4617"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200y"
},
{
"_id": null,
"model": "xeon e5 2448l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1260l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4558u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520e"
},
{
"_id": null,
"model": "xeon e3 1240 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6267u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660ue"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3338"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5750hq"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3150"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "655k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775r"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217ue"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3520m"
},
{
"_id": null,
"model": "xeon e3 1285 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770k"
},
{
"_id": null,
"model": "xeon e3 1240l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3200rk"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3537u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700ec"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5120"
},
{
"_id": null,
"model": "bl2 ppc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1575m_v5"
},
{
"_id": null,
"model": "xeon e5 2648l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6102e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2520m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3320m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v3"
},
{
"_id": null,
"model": "vs960hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2830"
},
{
"_id": null,
"model": "cortex-a12",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "neoverse n2",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3229y"
},
{
"_id": null,
"model": "xeon e5 1660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2560"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8857_v2"
},
{
"_id": null,
"model": "xeon e5 2630 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6136"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v2"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8168"
},
{
"_id": null,
"model": "xeon e3 1265l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2377m"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3845"
},
{
"_id": null,
"model": "cortex-a78",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "650"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330m"
},
{
"_id": null,
"model": "xeon e5 1650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3060"
},
{
"_id": null,
"model": "xeon e3 1280",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "820qm"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620um"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v2"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3826"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700hq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5504"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735f"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4302y"
},
{
"_id": null,
"model": "xeon e5 2448l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850eq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5650"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2637m"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v5"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4750hq"
},
{
"_id": null,
"model": "local service management system",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.1"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4200"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5506"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5119t"
},
{
"_id": null,
"model": "vs360hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470"
},
{
"_id": null,
"model": "xeon e5 2623 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850"
},
{
"_id": null,
"model": "vl ipc p7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e5 1680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5118"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138t"
},
{
"_id": null,
"model": "vl ppc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770s"
},
{
"_id": null,
"model": "simatic winac rtx \\ 2010",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2010"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100te"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3339y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4960hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590s"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "880"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "960"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6320"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690s"
},
{
"_id": null,
"model": "xeon e5 1620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3110m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850_v2"
},
{
"_id": null,
"model": "xeon e5 2643 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2518"
},
{
"_id": null,
"model": "vl2 ppc7 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5630"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700mq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3430"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160m"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y70"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603_v2"
},
{
"_id": null,
"model": "bl bpc 7001",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2320"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4950hq"
},
{
"_id": null,
"model": "xeon e5 2430 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2515e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "875k"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138f"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920xm"
},
{
"_id": null,
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "12.5.8"
},
{
"_id": null,
"model": "bl bpc 3001",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "470um"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3680"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v4"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2308"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3630qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570te"
},
{
"_id": null,
"model": "xeon e3 1286 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700eq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v4"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2460"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v4"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2820"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4020y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5005u"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5649"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607"
},
{
"_id": null,
"model": "vl2 ppc 9000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5557u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400t"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3825"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2340ue"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2538"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "930"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430um"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100h"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2830"
},
{
"_id": null,
"model": "xeon e3 1220 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2430m"
},
{
"_id": null,
"model": "xeon e3 1240 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2930"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2803"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440hq"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775d"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3580"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600t"
},
{
"_id": null,
"model": "local service management system",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2810"
},
{
"_id": null,
"model": "xeon e5 2623 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5020u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210y"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3950"
},
{
"_id": null,
"model": "vl2 bpc 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e3 1285 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4102e"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3508"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3230m"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3815"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7210"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5606"
},
{
"_id": null,
"model": "xeon e3 1501l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2350m"
},
{
"_id": null,
"model": "vl2 ppc9 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712mq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6360u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735d"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2312m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7530"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5506"
},
{
"_id": null,
"model": "xeon e5 2440 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1900"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2640m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112e"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330m"
},
{
"_id": null,
"model": "xeon e3 1220 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v4"
},
{
"_id": null,
"model": "xeon e5 2450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2430l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v4"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4628l_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3337u"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v6"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2805"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2718"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3708"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402ec"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870hq"
},
{
"_id": null,
"model": "xeon e5 2630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2580"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v4"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1505m_v6"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4260u"
},
{
"_id": null,
"model": "xeon e5 2650l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600k"
},
{
"_id": null,
"model": "xeon e5 2438l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540um"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2730"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2760qm"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7600u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v2"
},
{
"_id": null,
"model": "bl bpc 2001",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "740qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4910mq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2467m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100"
},
{
"_id": null,
"model": "xeon e3 1225 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3360m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "460m"
},
{
"_id": null,
"model": "xeon e3 1501m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6585r"
},
{
"_id": null,
"model": "xeon e3 1265l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2470 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2608l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4578u"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y30"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3635qm"
},
{
"_id": null,
"model": "xeon e3 1220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "xeon e3 12201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5675"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2130"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330"
},
{
"_id": null,
"model": "xeon e3 1270 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8550u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5560"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870_v2"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3795"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860hq"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735g"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v2"
},
{
"_id": null,
"model": "bl2 bpc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "vl2 bpc 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6152"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7560u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4288u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699r_v4"
},
{
"_id": null,
"model": "xeon e5 2618l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "bl ppc17 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570s"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x6550"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3470"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5530"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6134m"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3235rk"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3475s"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1750"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3230rk"
},
{
"_id": null,
"model": "xeon e3 1505m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6287u"
},
{
"_id": null,
"model": "xeon e5 1428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330te"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210h"
},
{
"_id": null,
"model": "xeon e5 2648l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8830"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2550"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300y"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v2"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300u"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3758"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v2"
},
{
"_id": null,
"model": "cortex-a15",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3440"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v3"
},
{
"_id": null,
"model": "xeon e3 1285 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6132"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8156"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2375m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hk"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v2"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5638"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "970"
},
{
"_id": null,
"model": "xeon e5 2428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3858"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340te"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5518"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6154"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7210f"
},
{
"_id": null,
"model": "vl2 ppc 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v3"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y71"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5570"
},
{
"_id": null,
"model": "xeon e5 2408l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1278l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5580"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10a"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7567u"
},
{
"_id": null,
"model": "xeon e3 1245 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6098p"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2617m"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2910"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3000"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670r"
},
{
"_id": null,
"model": "simatic itc1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"_id": null,
"model": "xeon e5 2650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4025u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470s"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126f"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v2"
},
{
"_id": null,
"model": "xeon e5 2418l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7230f"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l7555"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2316"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2655le"
},
{
"_id": null,
"model": "xeon e3 1230 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2643 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4720hq"
},
{
"_id": null,
"model": "xeon e5 2403",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4000m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2115c"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7290f"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2920xm"
},
{
"_id": null,
"model": "xeon e5 1680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4980hq"
},
{
"_id": null,
"model": "bl bpc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675r"
},
{
"_id": null,
"model": "xeon e3 1231 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2890_v2"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "550"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3710"
},
{
"_id": null,
"model": "vl bpc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "990x"
},
{
"_id": null,
"model": "xeon e5 1630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330e"
},
{
"_id": null,
"model": "xeon e3 1280 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "480m"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3480"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3460"
},
{
"_id": null,
"model": "xeon e3 1225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870_v2"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3538"
},
{
"_id": null,
"model": "router manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "1.1"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100e"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3700"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1545m_v5"
},
{
"_id": null,
"model": "xeon e3 1240 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3530"
},
{
"_id": null,
"model": "xeon e3 1285l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4220y"
},
{
"_id": null,
"model": "cortex-a75",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "bl ppc15 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700k"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5603"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870"
},
{
"_id": null,
"model": "xeon e5 1620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660um"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5680"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745d"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517ue"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5257u"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670s"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5590"
},
{
"_id": null,
"model": "xeon e3 1271 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4657l_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610me"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "720qm"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697a_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3740qm"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3808"
},
{
"_id": null,
"model": "xeon e3 1125c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "950"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8153"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5607"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5520"
},
{
"_id": null,
"model": "xeon e3 1226 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1275 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4410e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2390t"
},
{
"_id": null,
"model": "bl bpc 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3850"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300"
},
{
"_id": null,
"model": "xeon e5 1620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1800"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2650l_v4"
},
{
"_id": null,
"model": "dl ppc18.5m 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4120u"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2510e"
},
{
"_id": null,
"model": "xeon e3 1286l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5690"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "370m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6167u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4250u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980x"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2665"
},
{
"_id": null,
"model": "bl ppc12 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "vl2 bpc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5015u"
},
{
"_id": null,
"model": "xeon e3 1275",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "450m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l7545"
},
{
"_id": null,
"model": "el ppc 1000\\/wt",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3820qm"
},
{
"_id": null,
"model": "xeon e5 2609",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom x5-e3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1258l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v3"
},
{
"_id": null,
"model": "bl ppc 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "760"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3205rk"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6006u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3439y"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2557m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2357m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "840qm"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3308"
},
{
"_id": null,
"model": "xeon e5 2603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4500u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700eq"
},
{
"_id": null,
"model": "xeon e5 1650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867l"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4550u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820eq"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y30"
},
{
"_id": null,
"model": "xeon e3 1220 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1281 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7660u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4158u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2880_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860s"
},
{
"_id": null,
"model": "xeon e-1105c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5539"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2630qm"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2840"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200h"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4400e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850hq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4205"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3520"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3115c"
},
{
"_id": null,
"model": "xeon e3 1220 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6148"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2435m"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2807"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120me"
},
{
"_id": null,
"model": "xeon e5 2609 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v4"
},
{
"_id": null,
"model": "xeon e5 2407 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100t"
},
{
"_id": null,
"model": "xeon e5 2430l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "bl2 ppc 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3295rk"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "975"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2808"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4765t"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "vl2 bpc 9000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2365m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5650u"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1558l_v5"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100e"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114"
},
{
"_id": null,
"model": "cortex-a77",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6260u"
},
{
"_id": null,
"model": "xeon e3 1275 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2610ue"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2758"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qe"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5502"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5645"
},
{
"_id": null,
"model": "xeon e5 2620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "simatic itc2200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675c"
},
{
"_id": null,
"model": "cortex-a72",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "xeon e5 1660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5640"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5647"
},
{
"_id": null,
"model": "xeon bronze 3106",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3689y"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3670"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y31"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3710"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5157u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2620m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4771"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7542"
},
{
"_id": null,
"model": "xeon e3 1225 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770d"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607_v2"
},
{
"_id": null,
"model": "xeon e5 2637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5667"
},
{
"_id": null,
"model": "xeon e5 2640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860_v2"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736g"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v4"
},
{
"_id": null,
"model": "xeon e5 2648l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3785"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7250f"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v4"
},
{
"_id": null,
"model": "cortex-a73",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7295"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3750"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4807"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6140"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4810mq"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3558"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6540"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v4"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3590"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v3"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3050"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v4"
},
{
"_id": null,
"model": "xeon bronze 3104",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600u"
},
{
"_id": null,
"model": "dl ppc21.5m 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100m"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3160"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5687"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "661"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4258u"
},
{
"_id": null,
"model": "xeon e5 2620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3805"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "xeon e3 1105c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2609 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "bl rackmount 4u",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5620"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2348m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "390m"
},
{
"_id": null,
"model": "el ppc 1000\\/m",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6442eq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8600k"
},
{
"_id": null,
"model": "bl2 bpc 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3827"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4648_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2125"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2550k"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v2"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "5.5.0"
},
{
"_id": null,
"model": "xeon e3 1265l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "simatic itc1500 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"_id": null,
"model": "fusion",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "8.0.0"
},
{
"_id": null,
"model": "cortex-a8",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "xeon e5 2609 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2720qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8650u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v4"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4100"
},
{
"_id": null,
"model": "xeon e3 1230 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2520"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6685r"
},
{
"_id": null,
"model": "xeon e3 1225 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4785t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v4"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5618"
},
{
"_id": null,
"model": "xeon e5 1650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2675qm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6510"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3555le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450p"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3955"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4278u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2629m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640m"
},
{
"_id": null,
"model": "diskstation manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "6.2.2-24922"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3840qm"
},
{
"_id": null,
"model": "simatic itc1900",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4760hq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2649m"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4510u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600u"
},
{
"_id": null,
"model": "xeon e5 2630l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3530"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030y"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5609"
},
{
"_id": null,
"model": "xeon e5 1428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3460"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3130"
},
{
"_id": null,
"model": "vl2 ppc 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3380m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310u"
},
{
"_id": null,
"model": "xeon e3 1268l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1280 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330um"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400"
},
{
"_id": null,
"model": "xeon e3 1280 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820qm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5630"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5670"
},
{
"_id": null,
"model": "xeon e5 2637 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3426"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2380p"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500t"
},
{
"_id": null,
"model": "xeon e3 1225 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2530"
},
{
"_id": null,
"model": "cortex-r8",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3632qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5503"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3060"
},
{
"_id": null,
"model": "xeon e5 1660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5120t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2715qe"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v4"
},
{
"_id": null,
"model": "vl bpc 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y75"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620lm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "610e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980"
},
{
"_id": null,
"model": "xeon e5 2618l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702ec"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3130m"
},
{
"_id": null,
"model": "bl ppc15 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "cortex-a78ae",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702mq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v4"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8158"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v3"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3265rk"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v3"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1578l_v5"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4000"
},
{
"_id": null,
"model": "xeon e5 2643 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1270 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3427u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qe"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6140m"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7285"
},
{
"_id": null,
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "12.0.0"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2700k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5575r"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v4"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112"
},
{
"_id": null,
"model": "xeon e5 2428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3687u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3245"
},
{
"_id": null,
"model": "xeon e3 1125c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5508"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7235"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2370m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5677"
},
{
"_id": null,
"model": "hci",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8250u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600m"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j2850"
},
{
"_id": null,
"model": "xeon e3 1220l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v4"
},
{
"_id": null,
"model": "xeon e5 2650l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2105"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700k"
},
{
"_id": null,
"model": "xeon e5 2407",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2450l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "btc14",
"scope": "eq",
"trust": 1.0,
"vendor": "pepperl fuchs",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310m"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j2900"
},
{
"_id": null,
"model": "xeon e5 2650l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6350hq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5520"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700"
},
{
"_id": null,
"model": "cortex-a17",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3227u"
},
{
"_id": null,
"model": "xeon e3 1235l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "cortex-a9",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670t"
},
{
"_id": null,
"model": "xeon e3 1260l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5122"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660lm"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v3"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2738"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770te"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5672"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3317u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3570"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5950hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610"
},
{
"_id": null,
"model": "xeon e5 1660",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 12201 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2618l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2806"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6157u"
},
{
"_id": null,
"model": "bl2 bpc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500k"
},
{
"_id": null,
"model": "xeon e3 1275 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4202y"
},
{
"_id": null,
"model": "xeon e3 1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300t"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2338"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "350m"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6146"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7520"
},
{
"_id": null,
"model": "cortex-x1",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850"
},
{
"_id": null,
"model": "atom x5-e3940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1505l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3510"
},
{
"_id": null,
"model": "xeon e3 1290",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4800mq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620ue"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3480"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2350"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699a_v4"
},
{
"_id": null,
"model": "xeon e5 2643",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2410m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v3"
},
{
"_id": null,
"model": "xeon e3 1245 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5550u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710mq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5640"
},
{
"_id": null,
"model": "bl ppc17 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8164"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2537m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3350p"
},
{
"_id": null,
"model": "xeon e3 1230l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640lm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5540"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y51"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710hq"
},
{
"_id": null,
"model": "xeon e3 1245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v3"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"_id": null,
"model": "xeon e5 2608l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170m"
},
{
"_id": null,
"model": "bl rackmount 2u",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440eq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702hq"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y54"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670"
},
{
"_id": null,
"model": "neoverse n1",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "xeon e5 2620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775c"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5500u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940xm"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4005"
},
{
"_id": null,
"model": "xeon e5 2450 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650l"
},
{
"_id": null,
"model": "atom x7-e3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "bl ppc17 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "cortex-r7",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5"
},
{
"_id": null,
"model": "xeon e3 1276 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3450"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8100"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6128"
},
{
"_id": null,
"model": "xeon e5 2403 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v4"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2558"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210"
},
{
"_id": null,
"model": "xeon e3 1245 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3720qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310m"
},
{
"_id": null,
"model": "xeon e5 2603 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4109t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5507"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2420"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2508"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4012y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5530"
},
{
"_id": null,
"model": "vl ppc 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3405"
},
{
"_id": null,
"model": "xeon e3 1280 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350h"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5250u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770r"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8180"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210m"
},
{
"_id": null,
"model": "xeon e5 2648l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690k"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7250"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250"
},
{
"_id": null,
"model": "bl bpc 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e5 2603",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2603 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736f"
},
{
"_id": null,
"model": "xeon e5 2637 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v2"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3225"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700hq"
},
{
"_id": null,
"model": "xeon e5 1650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "lc5518"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5660"
},
{
"_id": null,
"model": "xeon e3 1240l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3450"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3560"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5287u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qe"
},
{
"_id": null,
"model": "xeon e5 2637 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6134"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "580m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170t"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4105"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570t"
},
{
"_id": null,
"model": "bl2 ppc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500u"
},
{
"_id": null,
"model": "xeon e3 1268l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2367m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2540m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7550"
},
{
"_id": null,
"model": "xeon e3 1235",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "vl2 bpc 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658a_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7540"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4624l_v2"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "lc5528"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735e"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "530"
},
{
"_id": null,
"model": "xeon e5 2628l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700hq"
},
{
"_id": null,
"model": "xeon e5 1620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100u"
},
{
"_id": null,
"model": "xeon e5 2630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4422e"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2960xm"
},
{
"_id": null,
"model": "xeon e5 2418l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142m"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5115"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5549"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2940"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3350"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100"
},
{
"_id": null,
"model": "xeon e3 1290 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340s"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1850"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3160"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3437u"
},
{
"_id": null,
"model": "dl ppc15m 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e3 1241 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2516"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585_v5"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600"
},
{
"_id": null,
"model": "xeon e3 1230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570r"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120"
},
{
"_id": null,
"model": "xeon e5 2428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2628l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1245 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300hq"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2480"
},
{
"_id": null,
"model": "bl ppc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3667u"
},
{
"_id": null,
"model": "cortex-a57",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2358"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3355"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v4"
},
{
"_id": null,
"model": "visunet rm shell",
"scope": "eq",
"trust": 1.0,
"vendor": "pepperl fuchs",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160t"
},
{
"_id": null,
"model": "fusion",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "8.5.9"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5300u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2635qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2102"
},
{
"_id": null,
"model": "xeon e5 2440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1285l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4900mq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4005u"
},
{
"_id": null,
"model": "el ppc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6150"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6148f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4722hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "670"
},
{
"_id": null,
"model": "simatic winac rtx \\ 2010",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2010"
},
{
"_id": null,
"model": "cortex-a76",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1565l_v5"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200u"
},
{
"_id": null,
"model": "vl bpc 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e3 1275l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3690"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2405s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680um"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v2"
},
{
"_id": null,
"model": "xeon e3 1230 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2420 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6200u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402e"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4880_v2"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4890_v2"
},
{
"_id": null,
"model": "xeon e5 2620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v3"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7290"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2920"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150t"
},
{
"_id": null,
"model": "bl ppc15 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8837"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6402p"
},
{
"_id": null,
"model": "core m7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y75"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7560"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3406"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7920hq"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2815"
},
{
"_id": null,
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": "valueline ipc",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2710qe"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3540"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3540m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2328m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8400"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1515m_v5"
},
{
"_id": null,
"model": "xeon e3 1270 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v4"
},
{
"_id": null,
"model": "xeon e5 2418l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6144"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110m"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell emc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qualcomm incorporated",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "windows sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "internet explorer",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "11"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "v8"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "10"
},
{
"_id": null,
"model": "edge",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "xeon cpu e5-1650",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"_id": null,
"model": "cortex a57",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "pro a8-9600 r7",
"scope": null,
"trust": 0.6,
"vendor": "amd",
"version": null
},
{
"_id": null,
"model": "compute cores 4c+6g",
"scope": "eq",
"trust": 0.6,
"vendor": "amd",
"version": "10"
},
{
"_id": null,
"model": "fx -8320 eight-core processor",
"scope": null,
"trust": 0.6,
"vendor": "amd",
"version": null
},
{
"_id": null,
"model": "windows server",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00304"
},
{
"db": "NVD",
"id": "CVE-2017-5753"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "145642"
},
{
"db": "PACKETSTORM",
"id": "145717"
},
{
"db": "PACKETSTORM",
"id": "146683"
},
{
"db": "PACKETSTORM",
"id": "146090"
},
{
"db": "PACKETSTORM",
"id": "145667"
},
{
"db": "PACKETSTORM",
"id": "146098"
},
{
"db": "PACKETSTORM",
"id": "145721"
},
{
"db": "PACKETSTORM",
"id": "146315"
}
],
"trust": 0.8
},
"cve": "CVE-2017-5753",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2017-5753",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2018-00304",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-113956",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2017-5753",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5753",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-00304",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113956",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00304"
},
{
"db": "VULHUB",
"id": "VHN-113956"
},
{
"db": "NVD",
"id": "CVE-2017-5753"
}
]
},
"description": {
"_id": null,
"data": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \\\"melts\\\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \\\"cross-border\\\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Xeon CPU E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4 ; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. \n\nIn this update mitigations for x86-64 architecture are provided. Relevant releases/architectures:\n\nRHEL 7-based RHEV-H ELS - noarch\nRHEV Hypervisor for RHEL-6 ELS - noarch\n\n3. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. (CVE-2017-5754)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n linux-image-4.4.0-1011-aws 4.4.0-1011.11\n linux-image-4.4.0-111-generic 4.4.0-111.134~14.04.1\n linux-image-4.4.0-111-lowlatency 4.4.0-111.134~14.04.1\n linux-image-4.4.0-111-powerpc-e500mc 4.4.0-111.134~14.04.1\n linux-image-4.4.0-111-powerpc-smp 4.4.0-111.134~14.04.1\n linux-image-4.4.0-111-powerpc64-emb 4.4.0-111.134~14.04.1\n linux-image-4.4.0-111-powerpc64-smp 4.4.0-111.134~14.04.1\n linux-image-aws 4.4.0.1011.11\n linux-image-generic-lts-xenial 4.4.0.111.95\n linux-image-lowlatency-lts-xenial 4.4.0.111.95\n linux-image-powerpc-e500mc-lts-xenial 4.4.0.111.95\n linux-image-powerpc-smp-lts-xenial 4.4.0.111.95\n linux-image-powerpc64-emb-lts-xenial 4.4.0.111.95\n linux-image-powerpc64-smp-lts-xenial 4.4.0.111.95\n\nPlease note that fully mitigating CVE-2017-5715 (Spectre Variant 2)\nrequires corresponding processor microcode/firmware updates or,\nin virtual environments, hypervisor updates. Ubuntu is working with Intel and AMD to provide\nfuture microcode updates that implement IBRS and IBPB as they are made\navailable. Ubuntu users with a processor from a different vendor should\ncontact the vendor to identify necessary firmware updates. Ubuntu\nwill provide corresponding QEMU updates in the future for users of\nself-hosted virtual environments in coordination with upstream QEMU. \nUbuntu users in cloud environments should contact the cloud provider\nto confirm that the hypervisor has been updated to expose the new\nCPU features to virtual machines. 5.9 server) - i386, ia64, noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* Previously, the page table isolation feature was able to modify the\nkernel Page Global Directory (PGD) entries with the _NX bit even for CPUs\nwithout the capability to use the \"no execute\" (NX) bit technology. \nConsequently, the page tables got corrupted, and the kernel panicked at the\nfirst page-fault occurrence. This update adds the check of CPU capabilities\nbefore modifying kernel PGD entries with _NX. As a result, the operating\nsystem no longer panics on boot due to corrupted page tables under the\ndescribed circumstances. (BZ#1538169)\n\n* When booting the operating system with the Kernel Page Table Isolation\noption enabled, the HPET VSYSCALL shadow mapping was not placed correctly. \nConsequently, the High Precision Event Timer (HPET) feature was not\navailable early enough, and warnings on boot time occurred. This update\nfixes the placement of HPET VSYSCALL, and the warnings on boot time due to\nthis behavior no longer occur. (BZ#1541281)\n\n* Previously, the routine preparing the kexec crashkernel area did not\nproperly clear the page allocated to be kexec\u0027s Page Global Directory\n(PGD). Consequently, the page table isolation shadow mapping routines\nfailed with a warning message when setting up page table entries. With this\nupdate, the underlying source code has been fixed to clear the kexec PGD\nallocated page before setting up its page table entries. As a result,\nwarnings are no longer issued when setting up kexec. (BZ#1541285)\n\n* When changing a kernel page mapping from Read Only (RO) to Read Write\n(RW), the Translation Lookaside Buffer (TLB) entry was previously not\nupdated. Consequently, a protection fault on a write operation occurred,\nwhich led to a kernel panic. With this update, the underlying source code\nhas been fixed to handle such kind of fault properly, and the kernel no\nlonger panics in the described situation. (BZ#1541892)\n\n4. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. 7.3) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* When attempting to reread parent blocks in btree traversal, the xfs code\nwhich deletes extended attributes from an inode assumed that the parent\nblocks were still on the cache. Under memory pressure and memory reclaim,\nsuch parent blocks were sometimes removed from the cache. Consequently,\nattempts to reread previously cached parent blocks caused the file system\nto read invalid memory. This update fixes xfs to reinitialize the pointer\nto the parent block buffers after the block has been reread. As a result,\npointers to btree blocks now point to valid memory, and the kernel no\nlonger crashes due to an invalid memory access. (BZ#1512811)\n\n* The write access check for huge pages did not function correctly on IBM z\nSystems. Consequently, if asynchronous I/O reads were used, buffers\nsometimes contained zeroes rather than data from a file, even when the\nio_getevents() system call reported that the associated read had finished\nsuccessfully. This update fixes the write access check in the\ngup_huge_pmd() function in memory management, and read data is stored in\nasynchronous I/O buffers properly. (BZ#1513315)\n\n* With this update, the rule for iptables reloading has been optimized to\ncomplete faster. (BZ#1514040)\n\n4. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:0151-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:0151\nIssue date: 2018-01-25\nCVE Names: CVE-2015-8539 CVE-2017-7472 CVE-2017-12192 \n CVE-2017-12193 CVE-2017-15649 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a commonly\nused performance optimization). There are three primary variants of the\nissue which differ in the way the speculative execution can be exploited. \n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. The updated kernel packages provide software mitigation\nfor this hardware issue at a cost of potential performance penalty. Please\nrefer to References section for further information about this issue and\nthe performance impact. \n\nIn this update initial mitigations for IBM Power (PowerPC) and IBM zSeries\n(S390) architectures are provided. \n\n* Variant CVE-2017-5715 triggers the speculative execution by utilizing\nbranch target injection. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nand guest/host boundaries and read privileged memory by conducting targeted\ncache side-channel attacks. This fix specifically addresses S390\nprocessors. (CVE-2017-5715, Important)\n\n* Variant CVE-2017-5753 triggers the speculative execution by performing a\nbounds-check bypass. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nboundary and read privileged memory by conducting targeted cache\nside-channel attacks. This fix specifically addresses S390 and PowerPC\nprocessors. (CVE-2017-5753, Important)\n\n* Variant CVE-2017-5754 relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is suppressed\nuntil the retirement of the whole instruction block. In a combination with\nthe fact that memory accesses may populate the cache even when the block is\nbeing dropped and never committed (executed), an unprivileged local\nattacker could use this flaw to read privileged (kernel space) memory by\nconducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects\nIntel x86-64 microprocessors. AMD x86-64 microprocessors are not affected\nby this issue. This fix specifically addresses PowerPC processors. \n(CVE-2017-5754, Important)\n\nRed Hat would like to thank Google Project Zero for reporting\nCVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. \n\nThis update also fixes the following security issues and bugs:\n\nSpace precludes documenting all of the bug fixes and enhancements included\nin this advisory. To see the complete list of bug fixes and enhancements,\nrefer to the following KnowledgeBase article:\nhttps://access.redhat.com/articles/3327131. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1284450 - CVE-2015-8539 kernel: local privesc in key management\n1442086 - CVE-2017-7472 kernel: keyctl_set_reqkey_keyring() leaks thread keyrings\n1493435 - CVE-2017-12192 kernel: NULL pointer dereference due to KEYCTL_READ on negative key\n1501215 - CVE-2017-12193 kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation\n1504574 - CVE-2017-15649 kernel: Use-after-free in the af_packet.c\n1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass\n1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debug-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-devel-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-headers-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.ppc64.rpm\nperf-3.10.0-693.17.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\npython-perf-3.10.0-693.17.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.ppc64le.rpm\nperf-3.10.0-693.17.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\npython-perf-3.10.0-693.17.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debug-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-693.17.1.el7.s390x.rpm\nkernel-devel-3.10.0-693.17.1.el7.s390x.rpm\nkernel-headers-3.10.0-693.17.1.el7.s390x.rpm\nkernel-kdump-3.10.0-693.17.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-693.17.1.el7.s390x.rpm\nperf-3.10.0-693.17.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\npython-perf-3.10.0-693.17.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-8539\nhttps://access.redhat.com/security/cve/CVE-2017-7472\nhttps://access.redhat.com/security/cve/CVE-2017-12192\nhttps://access.redhat.com/security/cve/CVE-2017-12193\nhttps://access.redhat.com/security/cve/CVE-2017-15649\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://access.redhat.com/security/cve/CVE-2017-5753\nhttps://access.redhat.com/security/cve/CVE-2017-5715\nhttps://access.redhat.com/security/cve/CVE-2017-5754\nhttps://access.redhat.com/articles/3327131\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFaab47XlSAg2UNWIIRAgi2AKDDW6z/9di3aoNQMX6PaIOzYTu39gCgncrF\nn+VQu/CVEmiUW8aXZCnplaM=\n=Km2i\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Relevant releases/architectures:\n\nImage Updates for RHV-H - noarch\nManagement Agent for RHEL 7 Hosts - noarch\n\n3. The appliance is available\nto download as an OVA file from the Customer Portal. ==========================================================================\nKernel Live Patch Security Notice 0046-1\nDecember 20, 2018\n\nlinux vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu:\n\n| Series | Base kernel | Arch | flavors |\n|------------------+--------------+----------+------------------|\n| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |\n| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |\n| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |\n| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |\n| Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic |\n| Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |\n\nSummary:\n\nSeveral security issues were fixed in the kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\n\nIt was discovered that a race condition existed in the raw MIDI driver for\nthe Linux kernel, leading to a double free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2018-18445)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the\nInfiniband implementation in the Linux kernel. An attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14734)\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux\nkernel did not properly ensure that xattr information remained in inode\nbodies. An attacker could use this to construct a malicious ext4 image\nthat, when mounted, could cause a denial of service (system crash). \n(CVE-2018-10880)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow existed in the HID Bluetooth\nimplementation in the Linux kernel that could lead to a buffer overwrite. \nAn attacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. This flaw is known as Spectre. A local attacker could use this to\nexpose sensitive information, including kernel memory. (CVE-2017-5753)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did\nnot properly restrict user space reads or writes. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-16276)\n\nIt was discovered that an integer overflow existed in the CD-ROM driver of\nthe Linux kernel. A local attacker could use this to expose sensitive\ninformation (kernel memory). (CVE-2018-16658)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your livepatches to the following\nversions:\n\n| Kernel | Version | flavors |\n|--------------------------+----------+--------------------------|\n| 4.4.0-133.159 | 46.3 | generic, lowlatency |\n| 4.4.0-133.159~14.04.1 | 46.3 | lowlatency, generic |\n| 4.4.0-134.160 | 46.3 | generic, lowlatency |\n| 4.4.0-134.160~14.04.1 | 46.3 | lowlatency, generic |\n| 4.4.0-135.161~14.04.1 | 46.3 | lowlatency, generic |\n| 4.4.0-137.163 | 46.3 | generic, lowlatency |\n| 4.4.0-137.163~14.04.1 | 46.3 | generic, lowlatency |\n| 4.4.0-138.164 | 46.3 | generic, lowlatency |\n| 4.4.0-138.164~14.04.1 | 46.3 | lowlatency, generic |\n| 4.4.0-139.165 | 46.3 | generic, lowlatency |\n| 4.4.0-139.165~14.04.1 | 46.3 | lowlatency, generic |\n| 4.4.0-140.166 | 46.3 | lowlatency, generic |\n| 4.4.0-140.166~14.04.1 | 46.3 | lowlatency, generic |\n| 4.15.0-32.35 | 46.3 | lowlatency, generic |\n| 4.15.0-33.36 | 46.3 | lowlatency, generic |\n| 4.15.0-34.37 | 46.3 | generic, lowlatency |\n| 4.15.0-36.39 | 46.3 | generic, lowlatency |\n| 4.15.0-38.41 | 46.3 | lowlatency, generic |\n| 4.15.0-39.42 | 46.3 | generic, lowlatency |\n| 4.15.0-42.45 | 46.3 | lowlatency, generic |\n\nReferences:\n CVE-2018-18710, CVE-2018-10902, CVE-2018-18445, CVE-2018-14734, \n CVE-2018-10880, CVE-2018-18690, CVE-2018-9363, CVE-2017-5753, \n CVE-2018-16276, CVE-2018-16658\n\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03805en_us\nVersion: 7\n\nHPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel,\nAMD, and ARM, with Speculative Execution, Elevation of Privilege and\nInformation Disclosure. \n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2018-01-23\nLast Updated: 2018-01-22\n\nPotential Security Impact: Local: Disclosure of Information, Elevation of\nPrivilege\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nOn January 3 2018, side-channel security vulnerabilities involving\nspeculative execution were publicly disclosed. These vulnerabilities may\nimpact the listed HPE products, potentially leading to information disclosure\nand elevation of privilege. Mitigation and resolution of these\nvulnerabilities may call for both an operating system update, provided by the\nOS vendor, and a system ROM update from HPE. \n\n\n**Note:**\n\n * This issue takes advantage of techniques commonly used in many modern\nprocessor architectures. \n * For further information, microprocessor vendors have provided security\nadvisories:\n \n - Intel:\n\u003chttps://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu\ngeid=en-fr\u003e\n - AMD: \u003chttp://www.amd.com/en/corporate/speculative-execution\u003e\n - ARM: \u003chttps://developer.arm.com/support/security-update\u003e\n\nReferences:\n\n - CVE-2017-5715 - aka Spectre, branch target injection\n - CVE-2017-5753 - aka Spectre, bounds check bypass\n - CVE-2017-5754 - aka Meltdown, rogue data cache load, memory access\npermission check performed after kernel memory read\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HPE ProLiant DL380 Gen10 Server - To be delivered\n - HPE ProLiant DL180 Gen10 Server - To be delivered\n - HPE ProLiant DL160 Gen10 Server - To be delivered\n - HPE ProLiant DL360 Gen10 Server - To be delivered\n - HPE ProLiant ML110 Gen10 Server - To be delivered\n - HPE ProLiant DL580 Gen10 Server - To be delivered\n - HPE ProLiant DL560 Gen10 Server - To be delivered\n - HPE ProLiant DL120 Gen10 Server - To be delivered\n - HPE ProLiant ML350 Gen10 Server - To be delivered\n - HPE ProLiant XL450 Gen10 Server - To be delivered\n - HPE Synergy 660 Gen10 Compute Module - To be delivered\n - HPE ProLiant DL385 Gen10 Server - prior to v1.04 \n - HPE ProLiant XL170r Gen10 Server - To be delivered\n - HPE ProLiant BL460c Gen10 Server Blade - To be delivered\n - HPE ProLiant XL190r Gen10 Server - To be delivered\n - HPE ProLiant XL230k Gen10 Server - To be delivered\n - HPE Synergy 480 Gen10 Compute Module - To be delivered\n - HPE ProLiant XL730f Gen9 Server - To be delivered\n - HPE ProLiant XL230a Gen9 Server - To be delivered\n - HPE ProLiant XL740f Gen9 Server - To be delivered\n - HPE ProLiant XL750f Gen9 Server - To be delivered\n - HPE ProLiant XL170r Gen9 Server - To be delivered\n - HP ProLiant DL60 Gen9 Server - To be delivered\n - HP ProLiant DL160 Gen9 Server - To be delivered\n - HPE ProLiant DL360 Gen9 Server - To be delivered\n - HP ProLiant DL380 Gen9 Server - To be delivered\n - HPE ProLiant XL450 Gen9 Server - To be delivered\n - HPE Apollo 4200 Gen9 Server - To be delivered\n - HP ProLiant BL460c Gen9 Server Blade - To be delivered\n - HP ProLiant ML110 Gen9 Server - To be delivered\n - HP ProLiant ML150 Gen9 Server - To be delivered\n - HPE ProLiant ML350 Gen9 Server - To be delivered\n - HP ProLiant DL120 Gen9 Server - To be delivered\n - HPE ProLiant DL560 Gen9 Server - To be delivered\n - HP ProLiant BL660c Gen9 Server - To be delivered\n - HPE ProLiant ML30 Gen9 Server - To be delivered\n - HPE ProLiant XL170r Gen10 Server - To be delivered\n - HPE ProLiant DL20 Gen9 Server - To be delivered\n - HPE Synergy 660 Gen9 Compute Module - To be delivered\n - HPE Synergy 480 Gen9 Compute Module - To be delivered\n - HPE ProLiant XL250a Gen9 Server - To be delivered\n - HPE ProLiant XL190r Gen9 Server - To be delivered\n - HP ProLiant DL80 Gen9 Server - To be delivered\n - HPE ProLiant DL180 Gen9 Server - To be delivered\n - HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server -\nTo be delivered\n - HPE ProLiant WS460c Gen9 Workstation - To be delivered\n - HPE ProLiant XL260a Gen9 Server - To be delivered\n - HPE Synergy 620 Gen9 Compute Module - To be delivered\n - HPE ProLiant DL580 Gen9 Server - To be delivered\n - HP ProLiant XL220a Gen8 v2 Server - To be delivered\n - HPE Synergy 680 Gen9 Compute Module - To be delivered\n - HPE ProLiant m510 Server Cartridge - To be delivered\n - HPE ProLiant m710p Server Cartridge - To be delivered\n - HPE ProLiant m710x Server Cartridge - To be delivered\n - HP ProLiant m710 Server Cartridge - To be delivered\n - HP ProLiant DL980 G7 Server - To be delivered\n - HPE Synergy Composer - To be delivered\n - HPE ProLiant Thin Micro TM200 Server - To be delivered\n - HPE ProLiant ML10 v2 Server - To be delivered\n - HPE ProLiant m350 Server Cartridge - To be delivered\n - HPE ProLiant m300 Server Cartridge - To be delivered\n - HPE ProLiant MicroServer Gen8 - To be delivered\n - HPE ProLiant ML310e Gen8 v2 Server - To be delivered\n - HPE Superdome Flex Server - To be delivered\n - HP 3PAR StoreServ File Controller - To be delivered - v3 impacted\n - HPE StoreVirtual 3000 File Controller - To be delivered\n - HPE StoreEasy 1450 Storage - To be delivered\n - HPE StoreEasy 1550 Storage - To be delivered\n - HPE StoreEasy 1650 Storage - To be delivered\n - HPE StoreEasy 3850 Gateway Storage - To be delivered\n - HPE StoreEasy 1850 Storage - To be delivered\n - HP ConvergedSystem 700 - To be delivered\n - HPE Converged Architecture 700 - To be delivered\n - HP ProLiant DL580 Gen8 Server - To be delivered\n - HPE Cloudline CL2100 Gen10 Server - To be delivered\n - HPE Cloudline CL2200 Gen10 Server - To be delivered\n - HPE Cloudline CL3150 G4 Server - To be delivered\n - HPE Cloudline CL5200 G3 Server - To be delivered\n - HPE Cloudline CL3100 G3 Server - To be delivered\n - HPE Cloudline CL2100 G3 807S 8 SFF Configure-to-order Server - To be\ndelivered\n - HPE Cloudline CL2100 G3 407S 4 LFF Configure-to-order Server - To be\ndelivered\n - HPE Cloudline CL2100 G3 806R 8SFF Configure-to-order Server - To be\ndelivered\n - HPE Cloudline CL2200 G3 1211R 12 LFF Configure-to-order Server - To be\ndelivered\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2017-5715\n 8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N\n 6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)\n\n CVE-2017-5753\n 5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\n 5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2017-5754\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\n 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nOn January 11, Intel announced issues with an increased frequency of reboots\nwhen using the microcodes they released to address Variant 2 of the Spectre\nVulnerability for numerous processors including Broadwell, Haswell, Skylake,\nKaby Lake, Ivybridge, and Sandybridge processors. Intel has now identified\nthe root cause of these issues and determined that these microcodes may\nintroduce reboots and other unpredictable system behavior. Due to the\nseverity of the potential issues that may occur when using these microcodes,\nIntel is now recommending that customers discontinue their use. Additional\ninformation is available from Intels Security Exploit Newsroom here:\n\u003chttps://newsroom.intel.com/press-kits/security-exploits-intel-products/\u003e . \nHPE is in alignment with Intel in our recommendation that customers\ndiscontinue use of System ROMs including impacted microcodes and revert to\nearlier System ROM versions. \n\nAll System ROMs including impacted microcodes have been removed from the HPE\nSupport Site. This impacts HPE ProLiant and Synergy Gen10, Gen9, and Gen8 v2\nservers as well as HPE Superdome servers for which updated System ROMs had\npreviously been made available. Intel is working on updated microcodes to\naddress these issues, and HPE will validate updated System ROMs including\nthese microcodes and make them available to our customers in the coming\nweeks. \n\nMitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities\nrequire only OS updates and are not impacted. \n\n * HPE has provided a customer bulletin\n\u003chttps://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us\u003e\nwith specific instructions to obtain the udpated sytem ROM\n \n - Note:\n \n + CVE-2017-5715 (Variant 2) requires that the System ROM be updated and a\nvendor supplied operating system update be applied as well. \n + For CVE-2017-5753, CVE-2017-5754 (Variants 1 and 3) require only\nupdates of a vendor supplied operating system. \n + HPE will continue to add additional products to the list. \n\nHISTORY\n\nVersion:1 (rev.1) - 4 January 2018 Initial release\n\nVersion:2 (rev.2) - 5 January 2018 Added additional impacted products\n\nVersion:3 (rev.3) - 10 January 2018 Added more impacted products\n\nVersion:4 (rev.4) - 9 January 2018 Fixed product ID\n\nVersion:5 (rev.5) - 18 January 2018 Added additional impacted products\n\nVersion:6 (rev.6) - 19 January 2018 updated impacted product list\n\nVersion:7 (rev.7) - 23 January 2018 Marked impacted products with TBD for\nSystem ROM updates per Intel\u0027s guidance on microcode issues\n\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update\n\nmacOS High Sierra 10.13.2 Supplemental Update is now available\nand addresses the following:\n\nAvailable for: macOS High Sierra 10.13.2\nDescription: macOS High Sierra 10.13.2 Supplemental Update includes\nsecurity improvements to Safari and WebKit to mitigate the effects of\nSpectre (CVE-2017-5753 and CVE-2017-5715). \n\nWe would like to acknowledge Jann Horn of Google Project Zero; and\nPaul Kocher in collaboration with Daniel Genkin of University of\nPennsylvania and University of Maryland, Daniel Gruss of Graz\nUniversity of Technology, Werner Haas of Cyberus Technology,\nMike Hamburg of Rambus (Cryptography Research Division),\nMoritz Lipp of Graz University of Technology, Stefan Mangard of\nGraz University of Technology, Thomas Prescher of Cyberus Technology,\nMichael Schwarz of Graz University of Technology, and Yuval Yarom of\nUniversity of Adelaide and Data61 for their assistance. \n\nInstallation note:\n\nmacOS High Sierra 10.13.2 Supplemental Update may be obtained from\nthe Mac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpTsDUpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZMSg//\nWW0oSMlU0KgLL1Fe6z2fCSXF06I/QMdUTFV3tt7Rwb49BfnhLstNb0hE/XRcX/fy\nIMTurdMlRwOqamrOC7LdSiBvCCeJqyfudEq52uqbFpYDLDK6D/RxUKagTJip+M5P\n3KCrTt8qpFA2Ip8KzEmBeS3Of9GnNoGdfI7ir38dFrqCADuWYtd6bVxurcM/Uhs0\nyjH38JPGyvRXvxM9Qy5wAezQM9oFN1Jlly79n+RX1d9vDpjfExhUV7n1JS9zTOXw\nDy+bjYsXcrlzrmcSlHaRa4E4FTPVYWyLSZmEokoQmTbsIABHiPSc9s92CEEzd2LQ\nFiOyHgT+QWA3zyySjQ+InhSf17QRpUUIYkgTsZJhbcdLSHXW/2etHq6vh5z5wD92\n+HfmKYGozUk6QH7TEApYmS71lKaAFRQscP7D0EGhi81YIlu6shqxZr/HnK2Q1FXJ\nI7yWXtsZq7BSvYu31uSc/YAr76VBgplETE0hnsPZRdRNiaJyNg6ForfDA7kn7t8W\nGIdJvjkZzG55fUpW1b/GqPxv8wSb/DDzlrJjb7yAffDyCRr4KGVT0lk2f1aBVYSY\nNVxrdDtGOEWfd/P+6bU0s5v09mFefCbhIqGTFrqEjrDifYz7nW6BhoBAK+I0cyQf\nU1316sNsG/gmTuOx7wO6sqyOkYyPGZzDI882U8un+n8=\n=r0HS\n-----END PGP SIGNATURE-----\n. The vulnerability could be exploited to Local Disclosure of\nInformation. \n\nReferences:\n\n - CVE-2017-5753\n - CVE-2017-5715\n - CVE-2017-5754\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01,\nv3.02, v3.03\n - HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n\nRESOLUTION\n\nMicro Focus is actively working with its vendors to address any systems-level\nSpectre and Meltdown impacts.However, if you have immediate concerns or\nquestions regarding CentOS and its approach to Spectre or Meltdown, please\ncontact them directly. \n Please note that you will need to sign in using a Passport account. \n\n3P = 3rd Party Software\nGN = Micro Focus General Software\nMU = Multi-Platform Software\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. \nMicro Focus is continually reviewing and enhancing the security features of software products to provide \ncustomers with current secure solutions. \n\n\"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the \naffected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends \nthat all users determine the applicability of this information to their individual situations and take appropriate action. \nMicro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, \nMicro Focus will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in \nthis Security Bulletin. To the extent permitted by law, Micro Focus disclaims all warranties, either express or \nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\" \n\n\nCopyright 2017 EntIT Software LLC\n\nMicro Focus shall not be liable for technical or editorial errors or omissions contained herein. 6.6) - noarch, x86_64\n\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5753"
},
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00304"
},
{
"db": "VULHUB",
"id": "VHN-113956"
},
{
"db": "PACKETSTORM",
"id": "145642"
},
{
"db": "PACKETSTORM",
"id": "145717"
},
{
"db": "PACKETSTORM",
"id": "146017"
},
{
"db": "PACKETSTORM",
"id": "146683"
},
{
"db": "PACKETSTORM",
"id": "146771"
},
{
"db": "PACKETSTORM",
"id": "146090"
},
{
"db": "PACKETSTORM",
"id": "146098"
},
{
"db": "PACKETSTORM",
"id": "145721"
},
{
"db": "PACKETSTORM",
"id": "150863"
},
{
"db": "PACKETSTORM",
"id": "146026"
},
{
"db": "PACKETSTORM",
"id": "145767"
},
{
"db": "PACKETSTORM",
"id": "146315"
},
{
"db": "PACKETSTORM",
"id": "147582"
},
{
"db": "PACKETSTORM",
"id": "145667"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-113956",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113956"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5753",
"trust": 3.1
},
{
"db": "CERT/CC",
"id": "VU#584653",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#180049",
"trust": 1.9
},
{
"db": "BID",
"id": "102371",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1040071",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-505225",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "145645",
"trust": 1.1
},
{
"db": "LENOVO",
"id": "LEN-18282",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "43427",
"trust": 1.1
},
{
"db": "CERT@VDE",
"id": "VDE-2018-003",
"trust": 1.1
},
{
"db": "CERT@VDE",
"id": "VDE-2018-002",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA18-141A",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-00304",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "150863",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145837",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145774",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145715",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201801-150",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113956",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145642",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145717",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146683",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146771",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146090",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145667",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146098",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145767",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146315",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147582",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00304"
},
{
"db": "VULHUB",
"id": "VHN-113956"
},
{
"db": "PACKETSTORM",
"id": "145642"
},
{
"db": "PACKETSTORM",
"id": "145717"
},
{
"db": "PACKETSTORM",
"id": "146017"
},
{
"db": "PACKETSTORM",
"id": "146683"
},
{
"db": "PACKETSTORM",
"id": "146771"
},
{
"db": "PACKETSTORM",
"id": "146090"
},
{
"db": "PACKETSTORM",
"id": "145667"
},
{
"db": "PACKETSTORM",
"id": "146098"
},
{
"db": "PACKETSTORM",
"id": "145721"
},
{
"db": "PACKETSTORM",
"id": "150863"
},
{
"db": "PACKETSTORM",
"id": "146026"
},
{
"db": "PACKETSTORM",
"id": "145767"
},
{
"db": "PACKETSTORM",
"id": "146315"
},
{
"db": "PACKETSTORM",
"id": "147582"
},
{
"db": "NVD",
"id": "CVE-2017-5753"
}
]
},
"id": "VAR-201801-1712",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00304"
},
{
"db": "VULHUB",
"id": "VHN-113956"
}
],
"trust": 1.32920724375
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00304"
}
]
},
"last_update_date": "2026-03-09T22:55:08.285000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-203",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113956"
},
{
"db": "NVD",
"id": "CVE-2017-5753"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"trust": 1.9,
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102371"
},
{
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"trust": 1.6,
"url": "https://support.apple.com//ht208394"
},
{
"trust": 1.6,
"url": "http://www.dell.com/support/speculative-store-bypass"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:0292"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/jun/36"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180104-cpusidechannel"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-001.txt"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"trust": 1.1,
"url": "https://aws.amazon.com/de/security/security-bulletins/aws-2018-013/"
},
{
"trust": 1.1,
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"trust": 1.1,
"url": "https://cdrdv2.intel.com/v1/dl/getcontent/685359"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.1,
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"trust": 1.1,
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx231399"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k91229003"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/solutions/len-18282"
},
{
"trust": 1.1,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"trust": 1.1,
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"trust": 1.1,
"url": "https://www.synology.com/support/security/synology_sa_18_01"
},
{
"trust": 1.1,
"url": "https://www.vmware.com/us/security/advisories/vmsa-2018-0002.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/145645/spectre-information-disclosure-proof-of-concept.html"
},
{
"trust": 1.1,
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"trust": 1.1,
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"trust": 1.1,
"url": "https://spectreattack.com/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040071"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3540-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3541-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3542-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03871en_us"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
},
{
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"trust": 0.8,
"url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/208.html"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
},
{
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
},
{
"trust": 0.8,
"url": "https://fortiguard.com/psirt/fg-ir-18-002"
},
{
"trust": 0.8,
"url": "https://support.hp.com/us-en/document/c06001626"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
},
{
"trust": 0.8,
"url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
},
{
"trust": 0.8,
"url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.8,
"url": "https://www.suse.com/support/kb/doc/?id=7022937"
},
{
"trust": 0.8,
"url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
},
{
"trust": 0.8,
"url": "https://kb.vmware.com/s/article/54951"
},
{
"trust": 0.8,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2017-5753"
},
{
"trust": 0.8,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2017-5754"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-5715"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
},
{
"trust": 0.6,
"url": "https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/3307851"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03871en_us"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0007"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0046"
},
{
"trust": 0.1,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/spectreandmeltdown"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3540-2"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3540-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1011.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-111.134~14.04.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0464"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3523-1,"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3541-1,"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.13.0-37.42"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.13.0-1015.16"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3597-1,"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7472"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12192"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3327131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8539"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-12193"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15649"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7472"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12193"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0151"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-12192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15649"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3327131."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0045"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16658"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18710"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10880"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-a00039267en_us\u003e"
},
{
"trust": 0.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://developer.arm.com/support/security-update\u003e"
},
{
"trust": 0.1,
"url": "http://www.amd.com/en/corporate/speculative-execution\u003e"
},
{
"trust": 0.1,
"url": "https://newsroom.intel.com/press-kits/security-exploits-intel-products/\u003e"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://www.microfocus.com/support-and-services/report-security"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification"
},
{
"trust": 0.1,
"url": "https://cf.passport.softwaregrp.com/hppcf/createuser.do"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/security-vulnerability"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/km03158629"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00304"
},
{
"db": "VULHUB",
"id": "VHN-113956"
},
{
"db": "PACKETSTORM",
"id": "145642"
},
{
"db": "PACKETSTORM",
"id": "145717"
},
{
"db": "PACKETSTORM",
"id": "146017"
},
{
"db": "PACKETSTORM",
"id": "146683"
},
{
"db": "PACKETSTORM",
"id": "146771"
},
{
"db": "PACKETSTORM",
"id": "146090"
},
{
"db": "PACKETSTORM",
"id": "145667"
},
{
"db": "PACKETSTORM",
"id": "146098"
},
{
"db": "PACKETSTORM",
"id": "145721"
},
{
"db": "PACKETSTORM",
"id": "150863"
},
{
"db": "PACKETSTORM",
"id": "146026"
},
{
"db": "PACKETSTORM",
"id": "145767"
},
{
"db": "PACKETSTORM",
"id": "146315"
},
{
"db": "PACKETSTORM",
"id": "147582"
},
{
"db": "NVD",
"id": "CVE-2017-5753"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-00304",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113956",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145642",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145717",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146017",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146683",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146771",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146090",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145667",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146098",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145721",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "150863",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146026",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145767",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146315",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "147582",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5753",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-21T00:00:00",
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00304",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-113956",
"ident": null
},
{
"date": "2018-01-04T01:21:13",
"db": "PACKETSTORM",
"id": "145642",
"ident": null
},
{
"date": "2018-01-06T18:01:01",
"db": "PACKETSTORM",
"id": "145717",
"ident": null
},
{
"date": "2018-01-23T04:32:09",
"db": "PACKETSTORM",
"id": "146017",
"ident": null
},
{
"date": "2018-03-07T18:09:17",
"db": "PACKETSTORM",
"id": "146683",
"ident": null
},
{
"date": "2018-03-15T15:54:32",
"db": "PACKETSTORM",
"id": "146771",
"ident": null
},
{
"date": "2018-01-25T21:43:32",
"db": "PACKETSTORM",
"id": "146090",
"ident": null
},
{
"date": "2018-01-04T17:53:11",
"db": "PACKETSTORM",
"id": "145667",
"ident": null
},
{
"date": "2018-01-25T21:47:22",
"db": "PACKETSTORM",
"id": "146098",
"ident": null
},
{
"date": "2018-01-06T18:01:22",
"db": "PACKETSTORM",
"id": "145721",
"ident": null
},
{
"date": "2018-12-20T23:02:22",
"db": "PACKETSTORM",
"id": "150863",
"ident": null
},
{
"date": "2018-01-24T00:28:48",
"db": "PACKETSTORM",
"id": "146026",
"ident": null
},
{
"date": "2018-01-09T17:19:48",
"db": "PACKETSTORM",
"id": "145767",
"ident": null
},
{
"date": "2018-02-09T15:01:04",
"db": "PACKETSTORM",
"id": "146315",
"ident": null
},
{
"date": "2018-05-10T23:27:00",
"db": "PACKETSTORM",
"id": "147582",
"ident": null
},
{
"date": "2018-01-04T13:29:00.257000",
"db": "NVD",
"id": "CVE-2017-5753",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-06-19T00:00:00",
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"date": "2018-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00304",
"ident": null
},
{
"date": "2021-11-23T00:00:00",
"db": "VULHUB",
"id": "VHN-113956",
"ident": null
},
{
"date": "2025-01-14T19:29:55.853000",
"db": "NVD",
"id": "CVE-2017-5753",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "146017"
},
{
"db": "PACKETSTORM",
"id": "146771"
},
{
"db": "PACKETSTORM",
"id": "150863"
},
{
"db": "PACKETSTORM",
"id": "147582"
}
],
"trust": 0.4
},
"title": {
"_id": null,
"data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "overflow, arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "150863"
}
],
"trust": 0.1
}
}
VAR-201003-1082
Vulnerability from variot - Updated: 2026-03-09 22:46The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. libpng Has a specific PNG ( Portable Network Graphics ) There is a problem with the file processing. libpng Contains crafted auxiliary chunks PNG When processing files, a huge amount of memory CPU May use resources. For more information, PNG Development Group Security advisories and Defending Libpng Applications Against Decompression Bombs Please confirm.Disturbance of service operation by a remote third party (DoS) An attack may be carried out. The 'libpng' library is prone to a remote denial-of-service vulnerability. Successful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users. Successful exploits will allow an attacker to obtain potentially sensitive information. Versions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable. This resource consumption may cause applications using the libpng library to hang. The PNG format uses efficient compression to store graphic data and some related data in an auxiliary database. The PNG specification does not limit the number of chunks, limiting their size to 2.147G (2,147,483,647 bytes). Similarly, the specification limits the width and height of graphics to 2.147 billion rows and 2.147 billion columns. Since the deflate compression method can very efficiently compress data streams consisting of repeated single bytes, small PNG files may occupy a large amount of memory when decompressed, forming a \"decompression bomb that exhausts all available memory. For example, for a zTXt block containing 50,000 lines each containing 100 letters Z, the compressed size is about 17k bytes, but the decompressed size is 5M, and the compression ratio is about 300:1. Libpng library uses inefficient memory acquisition method when expanding compressed zTXt, iTXt and iCCP auxiliary data blocks. About 50k malformed iCCP blocks contained in graphic files can be decompressed to 60M, which will hang the browser for about 20 Minutes, a well-crafted malicious block can also hang the browser for even longer, using up all available memory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201010-01
http://security.gentoo.org/
Severity: Normal Title: Libpng: Multiple vulnerabilities Date: October 05, 2010 Bugs: #307637, #324153, #335887 ID: 201010-01
Synopsis
Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.4.3 >= 1.4.3
Description
Multiple vulnerabilities were found in libpng:
-
The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)
-
A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)
-
A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
References
[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201010-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.
b. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later
Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later
Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption. This vulnerability may allow a remote
attacker to execute arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- .
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205
Updated Packages:
Mandriva Linux 2008.0: a490385a7af091254460923d5b370281 2008.0/i586/libpng3-1.2.22-0.4mdv2008.0.i586.rpm 0a24bbf70a2d0acfe67872e0c9d8f709 2008.0/i586/libpng-devel-1.2.22-0.4mdv2008.0.i586.rpm 4606a9e929c6051e122b70ebe2e7bad4 2008.0/i586/libpng-source-1.2.22-0.4mdv2008.0.i586.rpm 694d03d2e8d3bcd07fc0684fd8a6b0c9 2008.0/i586/libpng-static-devel-1.2.22-0.4mdv2008.0.i586.rpm da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 4502fd5d882a47d409bfd0e0bc154c88 2008.0/x86_64/lib64png3-1.2.22-0.4mdv2008.0.x86_64.rpm 91b539a7a3a87d57c1ee1e33921aa787 2008.0/x86_64/lib64png-devel-1.2.22-0.4mdv2008.0.x86_64.rpm f0e202692b44e5ebd09168e307a1ad7b 2008.0/x86_64/lib64png-static-devel-1.2.22-0.4mdv2008.0.x86_64.rpm a5c685aa7aac15155af58211a576e08c 2008.0/x86_64/libpng-source-1.2.22-0.4mdv2008.0.x86_64.rpm da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm
Corporate 4.0: e224d113e77e285d85ff11c55dae9e50 corporate/4.0/i586/libpng3-1.2.8-1.7.20060mlcs4.i586.rpm c0d62f11277442b0d7a909d0c1c53249 corporate/4.0/i586/libpng3-devel-1.2.8-1.7.20060mlcs4.i586.rpm 8ea7ca8ab7bbed8f2683698a3f493d56 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.7.20060mlcs4.i586.rpm 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm
Corporate 4.0/X86_64: a19c0839e78e5d16cc159621ff8e3786 corporate/4.0/x86_64/lib64png3-1.2.8-1.7.20060mlcs4.x86_64.rpm 68d1b5c5174f6de15eb1d68735e45e0f corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm d477b9271f6beba77435121f09dff09d corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 5fe2f05d45ebaac79c58e47429dedceb mnf/2.0/i586/libpng3-1.2.5-10.12.M20mdk.i586.rpm 0ebace3f9758ea06e6471317f95b253f mnf/2.0/i586/libpng3-devel-1.2.5-10.12.M20mdk.i586.rpm 3aa8ba999455eb190979ec7f6f22421a mnf/2.0/i586/libpng3-static-devel-1.2.5-10.12.M20mdk.i586.rpm 1ceca3083b90247ac1d1b68b4bf08f33 mnf/2.0/SRPMS/libpng-1.2.5-10.12.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLp88BmqjQ0CJFipgRAl2vAKCNCYs8gf3lw0tqgRMM6WC87P6roQCfZMU2 M2vZq2Q3ZYYDuZssm6LfxaI= =dFcH -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-913-1 March 16, 2010 libpng vulnerabilities CVE-2009-2042, CVE-2010-0205 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.5
Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.2
Ubuntu 8.10: libpng12-0 1.2.27-1ubuntu0.2
Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.1
Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.1
After a standard system upgrade you need to reboot your computer to effect the necessary changes.
Details follow:
It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042)
It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-0205)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz
Size/MD5: 22337 fa254fcc4cb513e59eb9467abad87cca
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc
Size/MD5: 661 17f3956e31ccadfed0a3bfdc8f5f065a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb
Size/MD5: 842 a5ab55fb1b372c9ac93493fd699b276f
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb
Size/MD5: 114374 1315864425b2dfaea123fe05118de0b0
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb
Size/MD5: 247552 4acf10d5d173d06843cb1dc9b1b894fe
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb
Size/MD5: 69464 1761fb1c524387b8aabd7bd3dccb2eda
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb
Size/MD5: 111916 0043501424d2cee81d5f6229a2b3d166
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb
Size/MD5: 239610 8422b7b137f09b49d27541a87251cce4
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb
Size/MD5: 66948 a8e6db358ed472eb9f18d3b51aed1347
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb
Size/MD5: 111422 a0ea39141ce6319b057db22e9fcaf8d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb
Size/MD5: 245142 d2d7ed0b8fa777fd58fe78345625a1e7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb
Size/MD5: 66386 f65de398bac540da7a25370999eb9643
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb
Size/MD5: 108988 5bad496a668c87614866fe1f04c8c17e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb
Size/MD5: 239972 b3cf4fc712ab063ababdefc5030ad07a
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb
Size/MD5: 63832 148d28886ec7fdb3334196a762daad1c
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz
Size/MD5: 21048 9f9e2ce175afd0a41bfa613c8672a164
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc
Size/MD5: 832 59b9f6994e1bef9b8f83561b70afda00
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb
Size/MD5: 940 e6cfd9d151530dac9ef81148e1690e61
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb
Size/MD5: 190022 6a7c0dfd7c8501f8628178b5b0eee0cd
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb
Size/MD5: 179662 bc60e9256f650d385f0c1d175c14fe80
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb
Size/MD5: 70430 a6782df5314e3c49137b1d3253c2c6b4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb
Size/MD5: 188650 0d4b87ea55d252a24bc74ebc4d748645
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb
Size/MD5: 171178 9608ecb2bd7697bbf4510822a6c61e32
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb
Size/MD5: 69094 f39b5e822f4da67599876c68904ecad1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb
Size/MD5: 189520 36f70d5b5d6cc10e89323efd72b3e061
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb
Size/MD5: 172882 1b5a5a4d6198c0eb6b14dc89c5a9da19
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb
Size/MD5: 69994 a3e824e57de27f7b7ed1b93ddd6f6917
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb
Size/MD5: 190076 8ec2399126dc45cb9069588dec4f23ef
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb
Size/MD5: 179070 3a16935d6ed3029b636f5a2277470659
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb
Size/MD5: 70556 a2f68773735f91ca14c95fe374a56d7b
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb
Size/MD5: 185426 8755e9f8c1be78dbe2de213d9666fd7f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb
Size/MD5: 173332 f94ff6354e27bda2f21a8a542e77f274
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb
Size/MD5: 65854 2631780a00ee2727264e6d0f477daa83
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz
Size/MD5: 19116 22de419d4a9203e183ccc14813b0d5e2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc
Size/MD5: 1293 bd0ff3a04141fae88c8136f6f9ee63d4
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb
Size/MD5: 934 cdd02e7c09b4bb61bd14670f155f81f4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb
Size/MD5: 168308 37a5c4970ffd3dc878026e66310bfecc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb
Size/MD5: 255526 df3e911f99e2d64d3246710e0dea9d49
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb
Size/MD5: 72758 6a64efb6a07e32ddfe80bed566e110c8
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb
Size/MD5: 166630 08a7389cb42e41ebba773ecdb9e347fe
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb
Size/MD5: 247664 e39fbb64952529e977b335e308662782
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb
Size/MD5: 71014 9e5c717ed5d4e17d86caabb80221030d
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb
Size/MD5: 167096 ed195852cc2b60cb0ddc9cccf87ed280
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb
Size/MD5: 248616 dc85b020b9a129916f24618d3e27e684
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb
Size/MD5: 71418 e60289ac791f78aae8eb5598a3eacb5a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb
Size/MD5: 167230 5f8b71b3a98b1645727f1f4ae534f960
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb
Size/MD5: 254380 76ea57650fd01eb86a315ca0b73dcdca
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb
Size/MD5: 71582 f9b8803343f2f61bf5f07b1fb4a25918
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb
Size/MD5: 162222 445a3d3abb843e73fbf89fe0520ab664
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb
Size/MD5: 248216 768f20b123d1b0c1c448b3b240245d5c
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb
Size/MD5: 66728 cf376eab6461fdee69f0bbde6d58dc53
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz
Size/MD5: 174503 ffa63cd1b57dc442faff9a65d2f25ee7
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc
Size/MD5: 1296 890ff19ff7b12aa90d0d38c0b1550055
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb
Size/MD5: 936 3dee09961304f1caf76db0995a027b95
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb
Size/MD5: 72778 30622682dc700cba1101384ab84fe7ca
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb
Size/MD5: 168382 4be6ce864bf04169baf7d4b656ea8e02
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb
Size/MD5: 255620 730ed6a69006fa14753ef99f89664d31
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb
Size/MD5: 71084 5a3cc8f7589fae49e91689d85476b193
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb
Size/MD5: 166732 d674a5262197c091d9ca5b2370cff187
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb
Size/MD5: 247744 644a3757529a46d3389e2db18a566f3d
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb
Size/MD5: 71472 662aba7284b732240c2d7bff864eed12
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb
Size/MD5: 167200 47dc03f91b37b73626e026cb7da28b15
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb
Size/MD5: 248706 a01e8fe54d38f4101c6ad0f78eec4a7e
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb
Size/MD5: 71564 96e3fb7342ab462db7a27fbd39a46649
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb
Size/MD5: 167254 90e1cb3da8cc85953442611cf0faaed8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb
Size/MD5: 254444 4b89c89e031c0d4265b1eb3da45f06e9
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb
Size/MD5: 66646 ac9aa1a738ef8ed71bd8b876f1920098
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb
Size/MD5: 162176 06a1b4ab47a39790da4e9b1e0967c1d2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb
Size/MD5: 248222 91cca4c40c4ce6ac41df52ea62e5008a
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz
Size/MD5: 18107 a9bf93cac21b17a3589193ae511b75d2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc
Size/MD5: 1293 dc9a20f9a129ad150f61ec9bb745b039
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb
Size/MD5: 934 3d21bd9bf41fe210303474389cfeb0a8
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb
Size/MD5: 73848 d436fc20150573d565017d9e29141484
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb
Size/MD5: 174886 34607a76ee1ebdd82b5c71068e6e32b2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb
Size/MD5: 265214 f600588bdf4f00731d94ccd8bbc68455
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb
Size/MD5: 70382 7d93414ce0e28351b972605abae92cd1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb
Size/MD5: 171402 2b8f6f1c8e8300c3149c59d1fc107659
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb
Size/MD5: 255250 a033009f8d9a990655437c3d129668bf
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb
Size/MD5: 71012 d3df3a73bf61acb9f1d489a32b3b8a60
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb
Size/MD5: 172126 1b94fcc470ba8878eace85240fae74cf
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb
Size/MD5: 257172 3c3280435a2b7d1817b49cd4a3a14bef
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb
Size/MD5: 72402 e0b80daed7db7e00d2a921ed5708ffe8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb
Size/MD5: 173494 31c424c02fe594bb6cf9acd1bef1763f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb
Size/MD5: 264450 b0546250e1804b0d385bb8eb714cd2da
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb
Size/MD5: 67312 0df0d665eeb40343b9d5485910101786
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb
Size/MD5: 168372 2a079837d6b9f47c41a02340c5d9e27c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb
Size/MD5: 257434 05811c8ff658321e91078f280dacfbe7
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2032-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano April 11, 2010 http://www.debian.org/security/faq
Package : libpng Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2009-2042 CVE-2010-0205 Debian Bugs : 533676 572308
Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-2042
libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.43-1
We recommend that you upgrade your libpng package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc Size/MD5 checksum: 1201 abe81b0d3c4aa7a1fa418e29f2c5b297 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz Size/MD5 checksum: 19687 60ede1843ceb8a1f127c54b847a74dfa
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb Size/MD5 checksum: 880 028b00e28aad8282714776c5dcca64a8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb Size/MD5 checksum: 86562 d9c50af59951e972557d393409b75bf2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb Size/MD5 checksum: 287752 1d7d84aee223c0933d1a616722607096 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb Size/MD5 checksum: 182436 001ecbf421f70ca521a3968f1d14c874
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb Size/MD5 checksum: 71912 78fbe1a6568671e4c557ec12e29481b0 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb Size/MD5 checksum: 254500 481312a64867f31c363b7fbba9cfe171 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb Size/MD5 checksum: 167864 3d285c20d2f080313f82eb09dcb7261b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb Size/MD5 checksum: 64566 a4a9742190557d14beae40133fb46cf1 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb Size/MD5 checksum: 245438 a16f62e771622e05812172f7c7066504 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb Size/MD5 checksum: 159612 81facf06de458dd6b1e84a78bb1acfc8
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb Size/MD5 checksum: 67028 56fc4199656d239231c7b8d8e035fead http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb Size/MD5 checksum: 245930 9f64181bc16af0ad0de4ba2e86b25706 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb Size/MD5 checksum: 162504 3129e1c2360fcba0309257e2b1dff8ca
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb Size/MD5 checksum: 73858 9d5a53e3258b5149bee68a4d20067bf9 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb Size/MD5 checksum: 169602 12ddce05c84ef675c348a1e64f1a277c http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb Size/MD5 checksum: 261788 9297cb916e57e2f912de3f16bcbae475
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb Size/MD5 checksum: 246968 083d472fd65f884c91dff5926e538342 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb Size/MD5 checksum: 165560 233945ee4b1e442357276431ce495a4c http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb Size/MD5 checksum: 70094 769336f4574678e56931e1a1eaf6be6a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb Size/MD5 checksum: 305324 42d7265034b84662467bb75456653787 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb Size/MD5 checksum: 111776 ad716022a6a22371bb83f3966ebe17d4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb Size/MD5 checksum: 206866 572b9d18c5adba74a4e5b99714968a60
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb Size/MD5 checksum: 262242 e905771ac3fa905cc03a3ddc8f9872dd http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb Size/MD5 checksum: 68370 4d44877866357a0fd8474fd8fe183616 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb Size/MD5 checksum: 164154 93c02dbae7dfe59b77ce4b683b82eaef
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb Size/MD5 checksum: 166402 1d470464fe2b493aef8d95dde5fd95d8 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb Size/MD5 checksum: 70682 1dd9713672dbac4a7434f1f96a1184b5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb Size/MD5 checksum: 253478 7a87577e07ed0bb9e759b973b2d7cf18
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb Size/MD5 checksum: 73470 52b1a911a81f133a83a387663aa3ffb2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb Size/MD5 checksum: 252988 18b4c8b17b3e30ab6cce89c21c99fbfc http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb Size/MD5 checksum: 169264 601982b9a97707ab05e1f4469cd8e20e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb Size/MD5 checksum: 161562 facd643206903acfa3a503c1d69e9248 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb Size/MD5 checksum: 66032 cbbe521a9a5629987603a57b8c9f35be http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb Size/MD5 checksum: 247212 76b8fe782fd0e5f7546bd535f8d442bc
These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201003-1082",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "11"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.0"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.0.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.52"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.2.13"
},
{
"model": "lunascape",
"scope": "eq",
"trust": 0.8,
"vendor": "lunascape",
"version": "6"
},
{
"model": "libpng",
"scope": "lte",
"trust": 0.8,
"vendor": "png group",
"version": "1.4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.1.x"
},
{
"model": "server",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "7.1.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "pictbear",
"scope": "lt",
"trust": 0.8,
"vendor": "fenrir",
"version": "2.01"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.46"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.47"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.2.11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.48"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.2.23"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.51"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.50"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8126538"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.24"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.25"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.17"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.43"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.16"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.13"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.33"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.14"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.691891"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10203137"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.6"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.12"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.32"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.8"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.9"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1.2301548"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.11"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1.2301548"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9156507"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7108231"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.42"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.16"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.5"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.17"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.15"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "38478"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lunascape:lunascape",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fenrir-inc:pictbear",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Glenn Randers-Pehrson",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0205",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-0205",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-42810",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0205",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#576029",
"trust": 0.8,
"value": "0.85"
},
{
"author": "NVD",
"id": "CVE-2010-0205",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201003-024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-42810",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-0205",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a \"decompression bomb\" attack. libpng Has a specific PNG ( Portable Network Graphics ) There is a problem with the file processing. libpng Contains crafted auxiliary chunks PNG When processing files, a huge amount of memory CPU May use resources. For more information, PNG Development Group Security advisories and Defending Libpng Applications Against Decompression Bombs Please confirm.Disturbance of service operation by a remote third party (DoS) An attack may be carried out. The \u0027libpng\u0027 library is prone to a remote denial-of-service vulnerability. \nSuccessful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users. \nSuccessful exploits will allow an attacker to obtain potentially sensitive information. \nVersions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable. This resource consumption may cause applications using the libpng library to hang. The PNG format uses efficient compression to store graphic data and some related data in an auxiliary database. The PNG specification does not limit the number of chunks, limiting their size to 2.147G (2,147,483,647 bytes). Similarly, the specification limits the width and height of graphics to 2.147 billion rows and 2.147 billion columns. Since the deflate compression method can very efficiently compress data streams consisting of repeated single bytes, small PNG files may occupy a large amount of memory when decompressed, forming a \\\"decompression bomb that exhausts all available memory. For example, for a zTXt block containing 50,000 lines each containing 100 letters Z, the compressed size is about 17k bytes, but the decompressed size is 5M, and the compression ratio is about 300:1. Libpng library uses inefficient memory acquisition method when expanding compressed zTXt, iTXt and iCCP auxiliary data blocks. About 50k malformed iCCP blocks contained in graphic files can be decompressed to 60M, which will hang the browser for about 20 Minutes, a well-crafted malicious block can also hang the browser for even longer, using up all available memory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201010-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Libpng: Multiple vulnerabilities\n Date: October 05, 2010\n Bugs: #307637, #324153, #335887\n ID: 201010-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libpng might lead to privilege escalation\nor a Denial of Service. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.4.3 \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n [ 1 ] CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n [ 2 ] CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n [ 3 ] CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. This vulnerability may allow a remote\n attacker to execute arbitrary code. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. \n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n a490385a7af091254460923d5b370281 2008.0/i586/libpng3-1.2.22-0.4mdv2008.0.i586.rpm\n 0a24bbf70a2d0acfe67872e0c9d8f709 2008.0/i586/libpng-devel-1.2.22-0.4mdv2008.0.i586.rpm\n 4606a9e929c6051e122b70ebe2e7bad4 2008.0/i586/libpng-source-1.2.22-0.4mdv2008.0.i586.rpm\n 694d03d2e8d3bcd07fc0684fd8a6b0c9 2008.0/i586/libpng-static-devel-1.2.22-0.4mdv2008.0.i586.rpm \n da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 4502fd5d882a47d409bfd0e0bc154c88 2008.0/x86_64/lib64png3-1.2.22-0.4mdv2008.0.x86_64.rpm\n 91b539a7a3a87d57c1ee1e33921aa787 2008.0/x86_64/lib64png-devel-1.2.22-0.4mdv2008.0.x86_64.rpm\n f0e202692b44e5ebd09168e307a1ad7b 2008.0/x86_64/lib64png-static-devel-1.2.22-0.4mdv2008.0.x86_64.rpm\n a5c685aa7aac15155af58211a576e08c 2008.0/x86_64/libpng-source-1.2.22-0.4mdv2008.0.x86_64.rpm \n da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm\n\n Corporate 4.0:\n e224d113e77e285d85ff11c55dae9e50 corporate/4.0/i586/libpng3-1.2.8-1.7.20060mlcs4.i586.rpm\n c0d62f11277442b0d7a909d0c1c53249 corporate/4.0/i586/libpng3-devel-1.2.8-1.7.20060mlcs4.i586.rpm\n 8ea7ca8ab7bbed8f2683698a3f493d56 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.7.20060mlcs4.i586.rpm \n 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n a19c0839e78e5d16cc159621ff8e3786 corporate/4.0/x86_64/lib64png3-1.2.8-1.7.20060mlcs4.x86_64.rpm\n 68d1b5c5174f6de15eb1d68735e45e0f corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm\n d477b9271f6beba77435121f09dff09d corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm \n 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5fe2f05d45ebaac79c58e47429dedceb mnf/2.0/i586/libpng3-1.2.5-10.12.M20mdk.i586.rpm\n 0ebace3f9758ea06e6471317f95b253f mnf/2.0/i586/libpng3-devel-1.2.5-10.12.M20mdk.i586.rpm\n 3aa8ba999455eb190979ec7f6f22421a mnf/2.0/i586/libpng3-static-devel-1.2.5-10.12.M20mdk.i586.rpm \n 1ceca3083b90247ac1d1b68b4bf08f33 mnf/2.0/SRPMS/libpng-1.2.5-10.12.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLp88BmqjQ0CJFipgRAl2vAKCNCYs8gf3lw0tqgRMM6WC87P6roQCfZMU2\nM2vZq2Q3ZYYDuZssm6LfxaI=\n=dFcH\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-913-1 March 16, 2010\nlibpng vulnerabilities\nCVE-2009-2042, CVE-2010-0205\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.5\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.2\n\nUbuntu 8.10:\n libpng12-0 1.2.27-1ubuntu0.2\n\nUbuntu 9.04:\n libpng12-0 1.2.27-2ubuntu2.1\n\nUbuntu 9.10:\n libpng12-0 1.2.37-1ubuntu0.1\n\nAfter a standard system upgrade you need to reboot your computer to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly initialize memory when\ndecoding certain 1-bit interlaced images. If a user or automated system\nwere tricked into processing crafted PNG images, an attacker could possibly\nuse this flaw to read sensitive information stored in memory. This issue\nonly affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042)\n\nIt was discovered that libpng did not properly handle certain excessively\ncompressed PNG images. If a user or automated system were tricked into\nprocessing a crafted PNG image, an attacker could possibly use this flaw to\nconsume all available resources, resulting in a denial of service. \n(CVE-2010-0205)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz\n Size/MD5: 22337 fa254fcc4cb513e59eb9467abad87cca\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc\n Size/MD5: 661 17f3956e31ccadfed0a3bfdc8f5f065a\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb\n Size/MD5: 842 a5ab55fb1b372c9ac93493fd699b276f\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb\n Size/MD5: 114374 1315864425b2dfaea123fe05118de0b0\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb\n Size/MD5: 247552 4acf10d5d173d06843cb1dc9b1b894fe\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb\n Size/MD5: 69464 1761fb1c524387b8aabd7bd3dccb2eda\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb\n Size/MD5: 111916 0043501424d2cee81d5f6229a2b3d166\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb\n Size/MD5: 239610 8422b7b137f09b49d27541a87251cce4\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb\n Size/MD5: 66948 a8e6db358ed472eb9f18d3b51aed1347\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb\n Size/MD5: 111422 a0ea39141ce6319b057db22e9fcaf8d6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb\n Size/MD5: 245142 d2d7ed0b8fa777fd58fe78345625a1e7\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb\n Size/MD5: 66386 f65de398bac540da7a25370999eb9643\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb\n Size/MD5: 108988 5bad496a668c87614866fe1f04c8c17e\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb\n Size/MD5: 239972 b3cf4fc712ab063ababdefc5030ad07a\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb\n Size/MD5: 63832 148d28886ec7fdb3334196a762daad1c\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz\n Size/MD5: 21048 9f9e2ce175afd0a41bfa613c8672a164\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc\n Size/MD5: 832 59b9f6994e1bef9b8f83561b70afda00\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb\n Size/MD5: 940 e6cfd9d151530dac9ef81148e1690e61\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb\n Size/MD5: 190022 6a7c0dfd7c8501f8628178b5b0eee0cd\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb\n Size/MD5: 179662 bc60e9256f650d385f0c1d175c14fe80\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb\n Size/MD5: 70430 a6782df5314e3c49137b1d3253c2c6b4\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb\n Size/MD5: 188650 0d4b87ea55d252a24bc74ebc4d748645\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb\n Size/MD5: 171178 9608ecb2bd7697bbf4510822a6c61e32\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb\n Size/MD5: 69094 f39b5e822f4da67599876c68904ecad1\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb\n Size/MD5: 189520 36f70d5b5d6cc10e89323efd72b3e061\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb\n Size/MD5: 172882 1b5a5a4d6198c0eb6b14dc89c5a9da19\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb\n Size/MD5: 69994 a3e824e57de27f7b7ed1b93ddd6f6917\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb\n Size/MD5: 190076 8ec2399126dc45cb9069588dec4f23ef\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb\n Size/MD5: 179070 3a16935d6ed3029b636f5a2277470659\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb\n Size/MD5: 70556 a2f68773735f91ca14c95fe374a56d7b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb\n Size/MD5: 185426 8755e9f8c1be78dbe2de213d9666fd7f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb\n Size/MD5: 173332 f94ff6354e27bda2f21a8a542e77f274\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb\n Size/MD5: 65854 2631780a00ee2727264e6d0f477daa83\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz\n Size/MD5: 19116 22de419d4a9203e183ccc14813b0d5e2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc\n Size/MD5: 1293 bd0ff3a04141fae88c8136f6f9ee63d4\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb\n Size/MD5: 934 cdd02e7c09b4bb61bd14670f155f81f4\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb\n Size/MD5: 168308 37a5c4970ffd3dc878026e66310bfecc\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb\n Size/MD5: 255526 df3e911f99e2d64d3246710e0dea9d49\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb\n Size/MD5: 72758 6a64efb6a07e32ddfe80bed566e110c8\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb\n Size/MD5: 166630 08a7389cb42e41ebba773ecdb9e347fe\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb\n Size/MD5: 247664 e39fbb64952529e977b335e308662782\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb\n Size/MD5: 71014 9e5c717ed5d4e17d86caabb80221030d\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb\n Size/MD5: 167096 ed195852cc2b60cb0ddc9cccf87ed280\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb\n Size/MD5: 248616 dc85b020b9a129916f24618d3e27e684\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb\n Size/MD5: 71418 e60289ac791f78aae8eb5598a3eacb5a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb\n Size/MD5: 167230 5f8b71b3a98b1645727f1f4ae534f960\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb\n Size/MD5: 254380 76ea57650fd01eb86a315ca0b73dcdca\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb\n Size/MD5: 71582 f9b8803343f2f61bf5f07b1fb4a25918\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb\n Size/MD5: 162222 445a3d3abb843e73fbf89fe0520ab664\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb\n Size/MD5: 248216 768f20b123d1b0c1c448b3b240245d5c\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb\n Size/MD5: 66728 cf376eab6461fdee69f0bbde6d58dc53\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz\n Size/MD5: 174503 ffa63cd1b57dc442faff9a65d2f25ee7\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc\n Size/MD5: 1296 890ff19ff7b12aa90d0d38c0b1550055\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb\n Size/MD5: 936 3dee09961304f1caf76db0995a027b95\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb\n Size/MD5: 72778 30622682dc700cba1101384ab84fe7ca\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb\n Size/MD5: 168382 4be6ce864bf04169baf7d4b656ea8e02\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb\n Size/MD5: 255620 730ed6a69006fa14753ef99f89664d31\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb\n Size/MD5: 71084 5a3cc8f7589fae49e91689d85476b193\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb\n Size/MD5: 166732 d674a5262197c091d9ca5b2370cff187\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb\n Size/MD5: 247744 644a3757529a46d3389e2db18a566f3d\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb\n Size/MD5: 71472 662aba7284b732240c2d7bff864eed12\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb\n Size/MD5: 167200 47dc03f91b37b73626e026cb7da28b15\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb\n Size/MD5: 248706 a01e8fe54d38f4101c6ad0f78eec4a7e\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb\n Size/MD5: 71564 96e3fb7342ab462db7a27fbd39a46649\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb\n Size/MD5: 167254 90e1cb3da8cc85953442611cf0faaed8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb\n Size/MD5: 254444 4b89c89e031c0d4265b1eb3da45f06e9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb\n Size/MD5: 66646 ac9aa1a738ef8ed71bd8b876f1920098\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb\n Size/MD5: 162176 06a1b4ab47a39790da4e9b1e0967c1d2\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb\n Size/MD5: 248222 91cca4c40c4ce6ac41df52ea62e5008a\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz\n Size/MD5: 18107 a9bf93cac21b17a3589193ae511b75d2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc\n Size/MD5: 1293 dc9a20f9a129ad150f61ec9bb745b039\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb\n Size/MD5: 934 3d21bd9bf41fe210303474389cfeb0a8\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb\n Size/MD5: 73848 d436fc20150573d565017d9e29141484\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb\n Size/MD5: 174886 34607a76ee1ebdd82b5c71068e6e32b2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb\n Size/MD5: 265214 f600588bdf4f00731d94ccd8bbc68455\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb\n Size/MD5: 70382 7d93414ce0e28351b972605abae92cd1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb\n Size/MD5: 171402 2b8f6f1c8e8300c3149c59d1fc107659\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb\n Size/MD5: 255250 a033009f8d9a990655437c3d129668bf\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb\n Size/MD5: 71012 d3df3a73bf61acb9f1d489a32b3b8a60\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb\n Size/MD5: 172126 1b94fcc470ba8878eace85240fae74cf\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb\n Size/MD5: 257172 3c3280435a2b7d1817b49cd4a3a14bef\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb\n Size/MD5: 72402 e0b80daed7db7e00d2a921ed5708ffe8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb\n Size/MD5: 173494 31c424c02fe594bb6cf9acd1bef1763f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb\n Size/MD5: 264450 b0546250e1804b0d385bb8eb714cd2da\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb\n Size/MD5: 67312 0df0d665eeb40343b9d5485910101786\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb\n Size/MD5: 168372 2a079837d6b9f47c41a02340c5d9e27c\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb\n Size/MD5: 257434 05811c8ff658321e91078f280dacfbe7\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2032-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nApril 11, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : libpng\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE Id(s) : CVE-2009-2042 CVE-2010-0205\nDebian Bugs : 533676 572308\n\n\nSeveral vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2009-2042\n\nlibpng does not properly parse 1-bit interlaced images with width values\nthat are not divisible by 8, which causes libpng to include\nuninitialized bits in certain rows of a PNG file and might allow remote\nattackers to read portions of sensitive memory via \"out-of-bounds\npixels\" in the file. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.43-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc\n Size/MD5 checksum: 1201 abe81b0d3c4aa7a1fa418e29f2c5b297\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz\n Size/MD5 checksum: 19687 60ede1843ceb8a1f127c54b847a74dfa\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb\n Size/MD5 checksum: 880 028b00e28aad8282714776c5dcca64a8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb\n Size/MD5 checksum: 86562 d9c50af59951e972557d393409b75bf2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb\n Size/MD5 checksum: 287752 1d7d84aee223c0933d1a616722607096\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb\n Size/MD5 checksum: 182436 001ecbf421f70ca521a3968f1d14c874\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb\n Size/MD5 checksum: 71912 78fbe1a6568671e4c557ec12e29481b0\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb\n Size/MD5 checksum: 254500 481312a64867f31c363b7fbba9cfe171\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb\n Size/MD5 checksum: 167864 3d285c20d2f080313f82eb09dcb7261b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb\n Size/MD5 checksum: 64566 a4a9742190557d14beae40133fb46cf1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb\n Size/MD5 checksum: 245438 a16f62e771622e05812172f7c7066504\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb\n Size/MD5 checksum: 159612 81facf06de458dd6b1e84a78bb1acfc8\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb\n Size/MD5 checksum: 67028 56fc4199656d239231c7b8d8e035fead\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb\n Size/MD5 checksum: 245930 9f64181bc16af0ad0de4ba2e86b25706\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb\n Size/MD5 checksum: 162504 3129e1c2360fcba0309257e2b1dff8ca\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb\n Size/MD5 checksum: 73858 9d5a53e3258b5149bee68a4d20067bf9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb\n Size/MD5 checksum: 169602 12ddce05c84ef675c348a1e64f1a277c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb\n Size/MD5 checksum: 261788 9297cb916e57e2f912de3f16bcbae475\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb\n Size/MD5 checksum: 246968 083d472fd65f884c91dff5926e538342\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb\n Size/MD5 checksum: 165560 233945ee4b1e442357276431ce495a4c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb\n Size/MD5 checksum: 70094 769336f4574678e56931e1a1eaf6be6a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb\n Size/MD5 checksum: 305324 42d7265034b84662467bb75456653787\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb\n Size/MD5 checksum: 111776 ad716022a6a22371bb83f3966ebe17d4\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb\n Size/MD5 checksum: 206866 572b9d18c5adba74a4e5b99714968a60\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb\n Size/MD5 checksum: 262242 e905771ac3fa905cc03a3ddc8f9872dd\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb\n Size/MD5 checksum: 68370 4d44877866357a0fd8474fd8fe183616\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb\n Size/MD5 checksum: 164154 93c02dbae7dfe59b77ce4b683b82eaef\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb\n Size/MD5 checksum: 166402 1d470464fe2b493aef8d95dde5fd95d8\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb\n Size/MD5 checksum: 70682 1dd9713672dbac4a7434f1f96a1184b5\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb\n Size/MD5 checksum: 253478 7a87577e07ed0bb9e759b973b2d7cf18\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb\n Size/MD5 checksum: 73470 52b1a911a81f133a83a387663aa3ffb2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb\n Size/MD5 checksum: 252988 18b4c8b17b3e30ab6cce89c21c99fbfc\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb\n Size/MD5 checksum: 169264 601982b9a97707ab05e1f4469cd8e20e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb\n Size/MD5 checksum: 161562 facd643206903acfa3a503c1d69e9248\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb\n Size/MD5 checksum: 66032 cbbe521a9a5629987603a57b8c9f35be\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb\n Size/MD5 checksum: 247212 76b8fe782fd0e5f7546bd535f8d442bc\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0205"
},
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
}
],
"trust": 3.33
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42810",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42810"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#576029",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2010-0205",
"trust": 3.5
},
{
"db": "BID",
"id": "38478",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "38774",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0517",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "39251",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "62670",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1023674",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0667",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0626",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0686",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1107",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0682",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0605",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0637",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0847",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "94522",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "87569",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42810",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0847",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1107",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0667",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0605",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/2491",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0626",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0517",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0686",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0682",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0637",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-0205",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "87557",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "87345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88286",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"id": "VAR-201003-1082",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42810"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T22:46:23.470000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "libpng-1.2.10-7.1.3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
},
{
"title": "Security Advisory for libpng-1.4.0 and earlier, 27 February 2010",
"trust": 0.8,
"url": "http://libpng.sourceforge.net/ADVISORY-1.4.1.html"
},
{
"title": "Defending Libpng Applications Against Decompression Bombs",
"trust": 0.8,
"url": "http://libpng.sourceforge.net/decompression_bombs.html"
},
{
"title": "\u3010JVN \u306b\u63b2\u8f09\u3055\u308c\u305f\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u3011",
"trust": 0.8,
"url": "http://ja.bbs.luna.tv/viewtopic.php?f=68\u0026t=3721"
},
{
"title": "2078",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
},
{
"title": "2079",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
},
{
"title": "RHSA-2010:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html"
},
{
"title": "multiple_vulnerabilities_in_libpng",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
},
{
"title": "VMSA-2010-0014",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"title": "pictbear",
"trust": 0.8,
"url": "http://www.fenrir.co.jp/pictbear/"
},
{
"title": "libpng-1.4.1.tar.bz2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=214"
},
{
"title": "lpng141.zip",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=218"
},
{
"title": "lpng141.7z",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=217"
},
{
"title": "libpng-1.4.1.tar.xz",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=216"
},
{
"title": "libpng-1.4.1.tar.gz",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=215"
},
{
"title": "linpng_txt.zip",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=219"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2010-0205 VU#576029 libpng stalls on highly compressed ancillary chunks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=068ed551f848e5205f1c655154c5d17e"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2009-2042 \"out-of-bounds pixels\" vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5f5cf6ccf38dd0426354a95830317f34"
},
{
"title": "Debian Security Advisories: DSA-2032-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7efe228231e53c876f6e76ff8b041bb6"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-913-1"
},
{
"title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/576029"
},
{
"trust": 2.9,
"url": "http://libpng.sourceforge.net/advisory-1.4.1.html"
},
{
"trust": 2.6,
"url": "http://libpng.sourceforge.net/decompression_bombs.html"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/38478"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/38774"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0517"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2032"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037237.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037355.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037364.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037607.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:063"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:064"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "http://osvdb.org/62670"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1023674"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/39251"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"trust": 1.8,
"url": "http://ubuntu.com/usn/usn-913-1"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0605"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0626"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0667"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0682"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0686"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0847"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56661"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu576029/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0205"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.3,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100108439"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/913-1/"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-03-02T00:00:00",
"db": "CERT/CC",
"id": "VU#576029"
},
{
"date": "2010-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-42810"
},
{
"date": "2010-03-03T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"date": "2010-03-02T00:00:00",
"db": "BID",
"id": "38478"
},
{
"date": "2010-10-05T22:16:57",
"db": "PACKETSTORM",
"id": "94522"
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244"
},
{
"date": "2010-03-23T23:16:59",
"db": "PACKETSTORM",
"id": "87569"
},
{
"date": "2010-03-23T22:20:24",
"db": "PACKETSTORM",
"id": "87557"
},
{
"date": "2010-03-17T00:04:21",
"db": "PACKETSTORM",
"id": "87345"
},
{
"date": "2010-04-13T00:25:27",
"db": "PACKETSTORM",
"id": "88286"
},
{
"date": "2010-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"date": "2010-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"date": "2010-03-03T19:30:00.493000",
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-03-02T00:00:00",
"db": "CERT/CC",
"id": "VU#576029"
},
{
"date": "2020-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-42810"
},
{
"date": "2020-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"date": "2015-04-13T20:16:00",
"db": "BID",
"id": "38478"
},
{
"date": "2020-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng stalls on highly compressed ancillary chunks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
],
"trust": 0.6
}
}
VAR-201801-0826
Vulnerability from variot - Updated: 2026-03-09 21:54Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \"melts\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \"cross-border\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Intel Xeon CPU E5-1650 v3, v2, v4 versions; Xeon E3-1265l v2, v3, v4 Version; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. Description:
The microcode_ctl packages provide microcode updates for Intel and AMD processors. 7) - x86_64
- Description:
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. (CVE-2017-5715)
Note: This is the qemu-kvm side of the CVE-2017-5715 mitigation. Once all virtual machines have shut down, start them again for this update to take effect. (CVE-2017-17712)
Laurent Guerby discovered that the mbcache feature in the ext2 and ext4 filesystems in the Linux kernel improperly handled xattr block caching. ========================================================================== Ubuntu Security Notice USN-3777-3 October 23, 2018
linux-azure vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-17182)
It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. An attacker could use this to expose sensitive information. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715)
It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation of the Linux kernel. A remote attacker could use this to cause a denial of service (system crash). A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2018-3639)
It was discovered that a memory leak existed in the IRDA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (kernel memory exhaustion). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-6555)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: linux-image-4.15.0-1025-azure 4.15.0-1025.26 linux-image-azure 4.15.0.1025.25
Ubuntu 16.04 LTS: linux-image-4.15.0-1025-azure 4.15.0-1025.26~16.04.1 linux-image-azure 4.15.0.1025.31
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. On i386 and amd64 architectures, the IBRS and IBPB features are required to enable the kernel mitigations. Ubuntu users with a processor from a different vendor should contact the vendor to identify necessary firmware updates. Ubuntu will provide corresponding QEMU updates in the future for users of self-hosted virtual environments in coordination with upstream QEMU. Ubuntu users in cloud environments should contact the cloud provider to confirm that the hypervisor has been updated to expose the new CPU features to virtual machines. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security update Advisory ID: RHSA-2018:0009-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0009 Issue date: 2018-01-03 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.3) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.3) - ppc64, ppc64le, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.
In this update mitigations for x86-64 architecture are provided.
Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)
Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)
Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)
Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.
Red Hat would like to thank Google Project Zero for reporting these issues.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.3):
Source: kernel-3.10.0-514.36.5.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm kernel-doc-3.10.0-514.36.5.el7.noarch.rpm
x86_64: kernel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-headers-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm perf-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3):
x86_64: kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.3):
Source: kernel-3.10.0-514.36.5.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm kernel-doc-3.10.0-514.36.5.el7.noarch.rpm
ppc64: kernel-3.10.0-514.36.5.el7.ppc64.rpm kernel-bootwrapper-3.10.0-514.36.5.el7.ppc64.rpm kernel-debug-3.10.0-514.36.5.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debug-devel-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm kernel-devel-3.10.0-514.36.5.el7.ppc64.rpm kernel-headers-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-libs-3.10.0-514.36.5.el7.ppc64.rpm perf-3.10.0-514.36.5.el7.ppc64.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm python-perf-3.10.0-514.36.5.el7.ppc64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm
ppc64le: kernel-3.10.0-514.36.5.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debug-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm kernel-devel-3.10.0-514.36.5.el7.ppc64le.rpm kernel-headers-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-libs-3.10.0-514.36.5.el7.ppc64le.rpm perf-3.10.0-514.36.5.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm python-perf-3.10.0-514.36.5.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm
s390x: kernel-3.10.0-514.36.5.el7.s390x.rpm kernel-debug-3.10.0-514.36.5.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.s390x.rpm kernel-debug-devel-3.10.0-514.36.5.el7.s390x.rpm kernel-debuginfo-3.10.0-514.36.5.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-514.36.5.el7.s390x.rpm kernel-devel-3.10.0-514.36.5.el7.s390x.rpm kernel-headers-3.10.0-514.36.5.el7.s390x.rpm kernel-kdump-3.10.0-514.36.5.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-514.36.5.el7.s390x.rpm kernel-kdump-devel-3.10.0-514.36.5.el7.s390x.rpm perf-3.10.0-514.36.5.el7.s390x.rpm perf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm python-perf-3.10.0-514.36.5.el7.s390x.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm
x86_64: kernel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-headers-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm perf-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.3):
ppc64: kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debug-devel-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5753 https://access.redhat.com/security/cve/CVE-2017-5715 https://access.redhat.com/security/cve/CVE-2017-5754
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFaTW74XlSAg2UNWIIRAhXJAKCJMCaZ0NVTHbMZVqJo/apc0riu6gCeKrRp V5hk1dX+MUEGL5NsOPmBa6w= =ki2K -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7550"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6442eq"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y31"
},
{
"_id": null,
"model": "xeon e5 1620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "lc5528"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640um"
},
{
"_id": null,
"model": "xeon e3 1285 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4302y"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2807"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3480"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8164"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3530"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2367m"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3460"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2460"
},
{
"_id": null,
"model": "xeon e3 1240 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3427u"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4105"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v2"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3520m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6102e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100e"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5570"
},
{
"_id": null,
"model": "xeon e3 1275 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1285l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217u"
},
{
"_id": null,
"model": "xeon e5 2637 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2810"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v4"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2480"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4980hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6402p"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7295"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5300u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5540"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4000"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3540m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3508"
},
{
"_id": null,
"model": "atom x5-e3940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3820qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5500u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4890_v2"
},
{
"_id": null,
"model": "xeon e5 2608l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3689y"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3827"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "950"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380um"
},
{
"_id": null,
"model": "xeon e5 2470 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775r"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5157u"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2518"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5506"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4628l_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5122"
},
{
"_id": null,
"model": "xeon e3 1260l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126t"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2930"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2580"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7250f"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4250u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7542"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2910"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "740qm"
},
{
"_id": null,
"model": "xeon e3 1235l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8158"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217ue"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5606"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675c"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2760"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450p"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5509"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v3"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1578l_v5"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2760qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770"
},
{
"_id": null,
"model": "xeon e5 2440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3437u"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2380p"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700mq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5549"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3540"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "350m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570"
},
{
"_id": null,
"model": "xeon e3 1125c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3630qm"
},
{
"_id": null,
"model": "xeon e5 2620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v2"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3000"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790k"
},
{
"_id": null,
"model": "xeon e5 2648l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740"
},
{
"_id": null,
"model": "xeon e5 2648l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2320"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660lm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770r"
},
{
"_id": null,
"model": "xeon e5 1680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v3"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y30"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1850"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3690"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600"
},
{
"_id": null,
"model": "xeon e3 1125c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5020u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2312m"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4005"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8830"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400"
},
{
"_id": null,
"model": "xeon e5 2420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700eq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1750"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3805"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v2"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7210"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2550k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3245"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5680"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3130"
},
{
"_id": null,
"model": "xeon e3 1275 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1505m_v6"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4200"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3632qm"
},
{
"_id": null,
"model": "xeon e5 1650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2618l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2358"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "875k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "820qm"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5115"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4800mq"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3560"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4005u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735d"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3060"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3350p"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620ue"
},
{
"_id": null,
"model": "xeon e3 1245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y71"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3740qm"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2350"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5257u"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2840"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4765t"
},
{
"_id": null,
"model": "xeon e3 1281 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2418l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1280 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110m"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3785"
},
{
"_id": null,
"model": "xeon e3 1271 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3455"
},
{
"_id": null,
"model": "xeon e5 2428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qm"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2308"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "670"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "480m"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3150"
},
{
"_id": null,
"model": "xeon e3 1290 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8857_v2"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3808"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770"
},
{
"_id": null,
"model": "xeon e3 1230 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6098p"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600m"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2920"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4750hq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4260u"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6136"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4722hq"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745d"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440s"
},
{
"_id": null,
"model": "xeon e5 2450 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2637m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2405s"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2316"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2940"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2700k"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4880_v2"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7290f"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x6550"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360u"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2830"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3130m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460t"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610m"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3825"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2558"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2420"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3360m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8250u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6006u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3440"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8180"
},
{
"_id": null,
"model": "xeon e3 1270 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620lm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2960xm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5518"
},
{
"_id": null,
"model": "xeon e5 2448l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5520"
},
{
"_id": null,
"model": "xeon e3 1240l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "xeon e3 1275 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120t"
},
{
"_id": null,
"model": "xeon e3 1268l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2830"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "650"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3537u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3720qm"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3700"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160"
},
{
"_id": null,
"model": "xeon e3 1265l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1220 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4202y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "990x"
},
{
"_id": null,
"model": "xeon bronze 3106",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200y"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y70"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3110m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5575r"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8600k"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5660"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2805"
},
{
"_id": null,
"model": "xeon e5 2648l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870_v2"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5118"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8650u"
},
{
"_id": null,
"model": "xeon e3 1220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2537m"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3520"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "880"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3225"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5630"
},
{
"_id": null,
"model": "xeon e3 1225 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2418l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5620"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2617m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6132"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6260u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210m"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v5"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2620m"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775d"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2649m"
},
{
"_id": null,
"model": "xeon e3 1280 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v2"
},
{
"_id": null,
"model": "xeon e5 2618l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v4"
},
{
"_id": null,
"model": "xeon e5 2603",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2618l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712mq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500k"
},
{
"_id": null,
"model": "xeon e5 2407 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2435m"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4108"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3439y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702ec"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "15"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750"
},
{
"_id": null,
"model": "xeon e3 1505l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330t"
},
{
"_id": null,
"model": "xeon e5 2643 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4910mq"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j2900"
},
{
"_id": null,
"model": "xeon e3 1245 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770d"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6585r"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v2"
},
{
"_id": null,
"model": "xeon e5 2438l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v4"
},
{
"_id": null,
"model": "xeon e5 2440 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350h"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3590"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850_v2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250t"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6146"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3558"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7600u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2665"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370t"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3850"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5618"
},
{
"_id": null,
"model": "xeon e5 2428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2430 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v4"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176"
},
{
"_id": null,
"model": "xeon e5 1620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3670"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4648_v3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607"
},
{
"_id": null,
"model": "xeon e3 1246 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v4"
},
{
"_id": null,
"model": "xeon e5 2650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7285"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4109t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100t"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735g"
},
{
"_id": null,
"model": "simatic winac rtx \\",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2010"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3950"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2880_v2"
},
{
"_id": null,
"model": "xeon e3 1278l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5119t"
},
{
"_id": null,
"model": "xeon e5 2403 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820eq"
},
{
"_id": null,
"model": "xeon e3 1230l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1280 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1225 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4012y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150t"
},
{
"_id": null,
"model": "xeon e3 1265l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100te"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v4"
},
{
"_id": null,
"model": "xeon e3 1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5250u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940xm"
},
{
"_id": null,
"model": "xeon e3 1220 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2750"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2520m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2105"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500te"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6128"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710hq"
},
{
"_id": null,
"model": "xeon e3 1270 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v2"
},
{
"_id": null,
"model": "xeon e5 2430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1558l_v5"
},
{
"_id": null,
"model": "xeon e3 1290",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.2.0"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2357m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4158u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4102e"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3450"
},
{
"_id": null,
"model": "xeon e5 2407",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5672"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qe"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100u"
},
{
"_id": null,
"model": "xeon e5 1680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350t"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126f"
},
{
"_id": null,
"model": "xeon e-1105c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8837"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5557u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4422e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6510"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v4"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3050"
},
{
"_id": null,
"model": "xeon e3 1230 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6134"
},
{
"_id": null,
"model": "xeon e3 12201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402ec"
},
{
"_id": null,
"model": "xeon e5 2620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142f"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6148"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2115c"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2675qm"
},
{
"_id": null,
"model": "xeon e5 2640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4000m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4288u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2640m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2540m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370"
},
{
"_id": null,
"model": "xeon e3 1225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v2"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3430"
},
{
"_id": null,
"model": "xeon e5 2603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8894_v4"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6148f"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3445"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610me"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4025u"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3710"
},
{
"_id": null,
"model": "atom x7-e3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2608l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v4"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138t"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1800"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670k"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3858"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3680"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430um"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699r_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5630"
},
{
"_id": null,
"model": "xeon e5 2609",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200h"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "73"
},
{
"_id": null,
"model": "xeon e5 2450l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4558u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570s"
},
{
"_id": null,
"model": "xeon e5 2643 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4578u"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3160"
},
{
"_id": null,
"model": "xeon e5 2628l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2637 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620le"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3426"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3667u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660ue"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "460m"
},
{
"_id": null,
"model": "xeon e3 1230 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2715qe"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3555le"
},
{
"_id": null,
"model": "xeon e3 1240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1268l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l7545"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8100"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "530"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867l"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4410e"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2738"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3815"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "580m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v2"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5645"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5530"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5647"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "17"
},
{
"_id": null,
"model": "xeon e3 1245 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "390m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6157u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550s"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3580"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4720hq"
},
{
"_id": null,
"model": "xeon e3 1280",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "450m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "720qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350u"
},
{
"_id": null,
"model": "xeon e5 2609 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440"
},
{
"_id": null,
"model": "xeon e5 2418l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "840qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2635qm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5502"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "550"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4900mq"
},
{
"_id": null,
"model": "xeon e3 1270 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v4"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5120t"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6134m"
},
{
"_id": null,
"model": "xeon e3 1286 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1565l_v5"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3235rk"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2510e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7920hq"
},
{
"_id": null,
"model": "xeon e5 2420 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100h"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5670"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4960hq"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3230rk"
},
{
"_id": null,
"model": "hci compute node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2758"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6150"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160f"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2718"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5560"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540m"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5287u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702mq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2650l_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2348m"
},
{
"_id": null,
"model": "xeon e3 1285l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4278u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400t"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6140m"
},
{
"_id": null,
"model": "atom x5-e3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6154"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430m"
},
{
"_id": null,
"model": "communications diameter signaling router",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "xeon e5 2650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1275 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2623 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1575m_v5"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "965"
},
{
"_id": null,
"model": "xeon e5 2630l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7210f"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2920xm"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3010"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3060"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2560"
},
{
"_id": null,
"model": "xeon e3 1501l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300hq"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "5.2.6"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v4"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6140"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5950hq"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8168"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3355"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699a_v4"
},
{
"_id": null,
"model": "xeon e5 2620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5580"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v3"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3708"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2610ue"
},
{
"_id": null,
"model": "xeon e5 1660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v2"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603_v2"
},
{
"_id": null,
"model": "xeon e5 1630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2657m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3338"
},
{
"_id": null,
"model": "xeon e5 2428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10c"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3710"
},
{
"_id": null,
"model": "xeon e5 2650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5750hq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v3"
},
{
"_id": null,
"model": "xeon e5 2408l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2125"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y51"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "lc5518"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7530"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620um"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2655le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "960"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5539"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5677"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v2"
},
{
"_id": null,
"model": "xeon e5 2430l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3510"
},
{
"_id": null,
"model": "xeon e5 2603 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570te"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340m"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3830"
},
{
"_id": null,
"model": "xeon e5 2640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200u"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8153"
},
{
"_id": null,
"model": "xeon e5 2628l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2630qm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7540"
},
{
"_id": null,
"model": "xeon e3 1240 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2538"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5603"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "610e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350k"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2730"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700ec"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100m"
},
{
"_id": null,
"model": "core m7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y75"
},
{
"_id": null,
"model": "xeon e3 1241 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qe"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7230f"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585l_v5"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3295rk"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3200rk"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5200u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2710qe"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "470um"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120me"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5650"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v3"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7290"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8550u"
},
{
"_id": null,
"model": "xeon e5 1650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v3"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "9"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4550u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670r"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4624l_v2"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2370m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450s"
},
{
"_id": null,
"model": "xeon e5 1660",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3687u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770k"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5675"
},
{
"_id": null,
"model": "xeon e3 1245 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3265rk"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2516"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2130"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v3"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3758"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3480"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2365m"
},
{
"_id": null,
"model": "xeon e5 1620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1545m_v5"
},
{
"_id": null,
"model": "xeon e3 1225 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380m"
},
{
"_id": null,
"model": "xeon e5 2643 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3840qm"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7560u"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2530"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qe"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4220y"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2557m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210y"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3470"
},
{
"_id": null,
"model": "xeon e5 2603 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980x"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712hq"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5120"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5609"
},
{
"_id": null,
"model": "xeon e3 1275",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2328m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5649"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3750"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v2"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1900"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702hq"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y30"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v4"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130f"
},
{
"_id": null,
"model": "xeon e3 1275l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114t"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3205rk"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640lm"
},
{
"_id": null,
"model": "xeon e5 2470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3320m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2508"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5607"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4617"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330e"
},
{
"_id": null,
"model": "xeon e5 2620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850hq"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2338"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330te"
},
{
"_id": null,
"model": "xeon e5 2650l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710mq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3460"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3475s"
},
{
"_id": null,
"model": "xeon e3 1270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v4"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "5.1.32"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2340ue"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5010u"
},
{
"_id": null,
"model": "xeon e3 1105c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3570"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5005u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500t"
},
{
"_id": null,
"model": "xeon e3 1258l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6360u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560"
},
{
"_id": null,
"model": "xeon bronze 3104",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "72"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1515m_v5"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4205"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2720qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3227u"
},
{
"_id": null,
"model": "xeon e5 2643",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735e"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585_v5"
},
{
"_id": null,
"model": "xeon e3 1220 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "930"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6200u"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2820"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2350m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2300"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330"
},
{
"_id": null,
"model": "xeon e5 2430l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "communications diameter signaling router",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3115c"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920xm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4810mq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658a_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5503"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870hq"
},
{
"_id": null,
"model": "xeon e5 2637 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2550"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3845"
},
{
"_id": null,
"model": "xeon e3 1220l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735f"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5530"
},
{
"_id": null,
"model": "xeon e3 1265l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4657l_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v3"
},
{
"_id": null,
"model": "xeon e3 1226 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3635qm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5667"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2375m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2677m"
},
{
"_id": null,
"model": "xeon e3 1230 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6320"
},
{
"_id": null,
"model": "xeon e5 2630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "655k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570t"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3160"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680"
},
{
"_id": null,
"model": "xeon e5 2448l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1231 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v4"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l7555"
},
{
"_id": null,
"model": "xeon e3 1260l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4771"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "760"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "57"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3826"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4500u"
},
{
"_id": null,
"model": "xeon e3 1286l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2890_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675r"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650l"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6144"
},
{
"_id": null,
"model": "communications diameter signaling router",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.2"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2377m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860qm"
},
{
"_id": null,
"model": "xeon e5 1650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2623 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5640"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5520"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6152"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "970"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4308u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4258u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v4"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5687"
},
{
"_id": null,
"model": "xeon e3 1501m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6267u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3317u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2815"
},
{
"_id": null,
"model": "xeon e5 2650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2430m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850eq"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y32"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3795"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7567u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7560"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4807"
},
{
"_id": null,
"model": "xeon e3 1220 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6287u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w"
},
{
"_id": null,
"model": "xeon e5 2630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590s"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3530"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10a"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520um"
},
{
"_id": null,
"model": "xeon e5 2630l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4020y"
},
{
"_id": null,
"model": "xeon e5 2637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1245 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3955"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2803"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v4"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5590"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7230"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5508"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "661"
},
{
"_id": null,
"model": "xeon e5 2609 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4950hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hk"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3380m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6350hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440eq"
},
{
"_id": null,
"model": "xeon e3 12201 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1235",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1240l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5550u"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7235"
},
{
"_id": null,
"model": "xeon e3 1505m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170t"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740d"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142"
},
{
"_id": null,
"model": "xeon e3 1276 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660um"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "370m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3538"
},
{
"_id": null,
"model": "xeon e5 2630l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2609 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3406"
},
{
"_id": null,
"model": "xeon e3 1505l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517ue"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5550"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v6"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5690"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2515e"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138f"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220t"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8156"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5504"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2629m"
},
{
"_id": null,
"model": "xeon e5 2450l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "75"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2410m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7660u"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4100"
},
{
"_id": null,
"model": "xeon e5 1660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2808"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4120u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2467m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3337u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hq"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j2850"
},
{
"_id": null,
"model": "xeon e3 1230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v3"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y54"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700eq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697a_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775c"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6540"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y75"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700k"
},
{
"_id": null,
"model": "xeon e5 2628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110e"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5015u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2102"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4510u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "975"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736f"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3308"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2520"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3339y"
},
{
"_id": null,
"model": "xeon e3 1225 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3450"
},
{
"_id": null,
"model": "xeon e5 2403",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700t"
},
{
"_id": null,
"model": "xeon e3 1270 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1285 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2390t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5650u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736g"
},
{
"_id": null,
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3350"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5506"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v2"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700hq"
},
{
"_id": null,
"model": "communications diameter signaling router",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.1"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6167u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100"
},
{
"_id": null,
"model": "xeon e5 1428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2648l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7520"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4400e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100t"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540um"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5507"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3230m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670t"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2806"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5638"
},
{
"_id": null,
"model": "xeon e3 1280 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1285 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210h"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v2"
},
{
"_id": null,
"model": "xeon e5 1630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3958"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6685r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4760hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3229y"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160m"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3405"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8400"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4785t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5640"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y57"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680um"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670"
},
{
"_id": null,
"model": "xeon e3 1240 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7250"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell emc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qualcomm incorporated",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "windows sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "internet explorer",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "11"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "v8"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "10"
},
{
"_id": null,
"model": "edge",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "xeon cpu e5-1650",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"_id": null,
"model": "cortex a57",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": "pro a8-9600 r7",
"scope": null,
"trust": 0.6,
"vendor": "amd",
"version": null
},
{
"_id": null,
"model": "compute cores 4c+6g",
"scope": "eq",
"trust": 0.6,
"vendor": "amd",
"version": "10"
},
{
"_id": null,
"model": "fx -8320 eight-core processor",
"scope": null,
"trust": 0.6,
"vendor": "amd",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00302"
},
{
"db": "NVD",
"id": "CVE-2017-5715"
}
]
},
"credits": {
"_id": null,
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "146772"
},
{
"db": "PACKETSTORM",
"id": "146526"
},
{
"db": "PACKETSTORM",
"id": "145853"
},
{
"db": "PACKETSTORM",
"id": "146525"
},
{
"db": "PACKETSTORM",
"id": "149917"
},
{
"db": "PACKETSTORM",
"id": "146019"
},
{
"db": "PACKETSTORM",
"id": "146009"
}
],
"trust": 0.7
},
"cve": "CVE-2017-5715",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2017-5715",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2018-00302",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-113918",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2017-5715",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5715",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2017-5715",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-00302",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113918",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00302"
},
{
"db": "VULHUB",
"id": "VHN-113918"
},
{
"db": "NVD",
"id": "CVE-2017-5715"
},
{
"db": "NVD",
"id": "CVE-2017-5715"
}
]
},
"description": {
"_id": null,
"data": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \\\"melts\\\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \\\"cross-border\\\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Intel Xeon CPU E5-1650 v3, v2, v4 versions; Xeon E3-1265l v2, v3, v4 Version; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel and AMD\nprocessors. 7) - x86_64\n\n3. Description:\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for\nLinux on a variety of architectures. The qemu-kvm package provides the\nuser-space component for running virtual machines that use KVM. (CVE-2017-5715)\n\nNote: This is the qemu-kvm side of the CVE-2017-5715 mitigation. Once\nall virtual machines have shut down, start them again for this update to\ntake effect. (CVE-2017-17712)\n\nLaurent Guerby discovered that the mbcache feature in the ext2 and ext4\nfilesystems in the Linux kernel improperly handled xattr block caching. ==========================================================================\nUbuntu Security Notice USN-3777-3\nOctober 23, 2018\n\nlinux-azure vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nJann Horn discovered that the vmacache subsystem did not properly handle\nsequence number overflows, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor execute arbitrary code. (CVE-2018-17182)\n\nIt was discovered that the paravirtualization implementation in the Linux\nkernel did not properly handle some indirect calls, reducing the\neffectiveness of Spectre v2 mitigations for paravirtual guests. A local\nattacker could use this to expose sensitive information. An attacker could use\nthis to expose sensitive information. This flaw is known as Spectre. A local attacker could use this to\nexpose sensitive information, including kernel memory. (CVE-2017-5715)\n\nIt was discovered that a stack-based buffer overflow existed in the iSCSI\ntarget implementation of the Linux kernel. A remote attacker could use this\nto cause a denial of service (system crash). A local\nattacker could use this to expose sensitive information, including kernel\nmemory. (CVE-2018-3639)\n\nIt was discovered that a memory leak existed in the IRDA subsystem of the\nLinux kernel. A local attacker could use this to cause a denial of service\n(kernel memory exhaustion). A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-6555)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n linux-image-4.15.0-1025-azure 4.15.0-1025.26\n linux-image-azure 4.15.0.1025.25\n\nUbuntu 16.04 LTS:\n linux-image-4.15.0-1025-azure 4.15.0-1025.26~16.04.1\n linux-image-azure 4.15.0.1025.31\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. On i386 and amd64\narchitectures, the IBRS and IBPB features are required to enable the\nkernel mitigations. Ubuntu users with a processor from a different vendor should\ncontact the vendor to identify necessary firmware updates. Ubuntu\nwill provide corresponding QEMU updates in the future for users of\nself-hosted virtual environments in coordination with upstream QEMU. \nUbuntu users in cloud environments should contact the cloud provider\nto confirm that the hypervisor has been updated to expose the new\nCPU features to virtual machines. Regressions\nwere discovered in the microcode updates which could cause system\ninstability on certain hardware platforms. At the request of Intel, we have\nreverted to the previous packaged microcode version, the 20170707 release. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security update\nAdvisory ID: RHSA-2018:0009-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:0009\nIssue date: 2018-01-03\n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.3\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.3) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.3) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.3) - ppc64, ppc64le, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a commonly\nused performance optimization). There are three primary variants of the\nissue which differ in the way the speculative execution can be exploited. \n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. The updated kernel packages provide software mitigation\nfor this hardware issue at a cost of potential performance penalty. Please\nrefer to References section for further information about this issue and\nthe performance impact. \n\nIn this update mitigations for x86-64 architecture are provided. \n\nVariant CVE-2017-5753 triggers the speculative execution by performing a\nbounds-check bypass. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nboundary and read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing\nbranch target injection. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nand guest/host boundaries and read privileged memory by conducting targeted\ncache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors,\nduring speculative execution of instruction permission faults, exception\ngeneration triggered by a faulting access is suppressed until the\nretirement of the whole instruction block. In a combination with the fact\nthat memory accesses may populate the cache even when the block is being\ndropped and never committed (executed), an unprivileged local attacker\ncould use this flaw to read privileged (kernel space) memory by conducting\ntargeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64\nmicroprocessors are not affected by this issue. \n\nRed Hat would like to thank Google Project Zero for reporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass\n1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.3):\n\nSource:\nkernel-3.10.0-514.36.5.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm\nkernel-doc-3.10.0-514.36.5.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-headers-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm\nperf-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.3):\n\nSource:\nkernel-3.10.0-514.36.5.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm\nkernel-doc-3.10.0-514.36.5.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debug-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-devel-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-headers-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.ppc64.rpm\nperf-3.10.0-514.36.5.el7.ppc64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\npython-perf-3.10.0-514.36.5.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debug-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-devel-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-headers-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.ppc64le.rpm\nperf-3.10.0-514.36.5.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\npython-perf-3.10.0-514.36.5.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debug-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-514.36.5.el7.s390x.rpm\nkernel-devel-3.10.0-514.36.5.el7.s390x.rpm\nkernel-headers-3.10.0-514.36.5.el7.s390x.rpm\nkernel-kdump-3.10.0-514.36.5.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-514.36.5.el7.s390x.rpm\nperf-3.10.0-514.36.5.el7.s390x.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\npython-perf-3.10.0-514.36.5.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-headers-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm\nperf-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.3):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://access.redhat.com/security/cve/CVE-2017-5753\nhttps://access.redhat.com/security/cve/CVE-2017-5715\nhttps://access.redhat.com/security/cve/CVE-2017-5754\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFaTW74XlSAg2UNWIIRAhXJAKCJMCaZ0NVTHbMZVqJo/apc0riu6gCeKrRp\nV5hk1dX+MUEGL5NsOPmBa6w=\n=ki2K\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5715"
},
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00302"
},
{
"db": "VULHUB",
"id": "VHN-113918"
},
{
"db": "PACKETSTORM",
"id": "146772"
},
{
"db": "PACKETSTORM",
"id": "145676"
},
{
"db": "PACKETSTORM",
"id": "145660"
},
{
"db": "PACKETSTORM",
"id": "145999"
},
{
"db": "PACKETSTORM",
"id": "146526"
},
{
"db": "PACKETSTORM",
"id": "145853"
},
{
"db": "PACKETSTORM",
"id": "145713"
},
{
"db": "PACKETSTORM",
"id": "146525"
},
{
"db": "PACKETSTORM",
"id": "149917"
},
{
"db": "PACKETSTORM",
"id": "146019"
},
{
"db": "PACKETSTORM",
"id": "146009"
},
{
"db": "PACKETSTORM",
"id": "145636"
}
],
"trust": 3.33
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-113918",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113918"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5715",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#584653",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#180049",
"trust": 1.9
},
{
"db": "BID",
"id": "102376",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "155281",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "145645",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040071",
"trust": 1.1
},
{
"db": "LENOVO",
"id": "LEN-18282",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "43427",
"trust": 1.1
},
{
"db": "CERT@VDE",
"id": "VDE-2018-003",
"trust": 1.1
},
{
"db": "CERT@VDE",
"id": "VDE-2018-002",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA18-141A",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-00302",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "146019",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "149917",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "146009",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "146772",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145853",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145844",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146014",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145767",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146301",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146018",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146556",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148260",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145769",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146016",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150083",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145852",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145801",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146315",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148446",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146771",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147179",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145800",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147582",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146308",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145768",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145964",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146283",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146957",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146015",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146714",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145809",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146501",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201801-152",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113918",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145676",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145660",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145999",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146526",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145713",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145636",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00302"
},
{
"db": "VULHUB",
"id": "VHN-113918"
},
{
"db": "PACKETSTORM",
"id": "146772"
},
{
"db": "PACKETSTORM",
"id": "145676"
},
{
"db": "PACKETSTORM",
"id": "145660"
},
{
"db": "PACKETSTORM",
"id": "145999"
},
{
"db": "PACKETSTORM",
"id": "146526"
},
{
"db": "PACKETSTORM",
"id": "145853"
},
{
"db": "PACKETSTORM",
"id": "145713"
},
{
"db": "PACKETSTORM",
"id": "146525"
},
{
"db": "PACKETSTORM",
"id": "149917"
},
{
"db": "PACKETSTORM",
"id": "146019"
},
{
"db": "PACKETSTORM",
"id": "146009"
},
{
"db": "PACKETSTORM",
"id": "145636"
},
{
"db": "NVD",
"id": "CVE-2017-5715"
}
]
},
"id": "VAR-201801-0826",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00302"
},
{
"db": "VULHUB",
"id": "VHN-113918"
}
],
"trust": 1.3670634874999998
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00302"
}
]
},
"last_update_date": "2026-03-09T21:54:12.830000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-203",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113918"
},
{
"db": "NVD",
"id": "CVE-2017-5715"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"trust": 1.9,
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102376"
},
{
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"trust": 1.6,
"url": "https://support.apple.com//ht208394"
},
{
"trust": 1.6,
"url": "http://www.dell.com/support/speculative-store-bypass"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/jun/36"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/nov/16"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180104-cpusidechannel"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-001.txt"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"trust": 1.1,
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"trust": 1.1,
"url": "https://aws.amazon.com/de/security/security-bulletins/aws-2018-013/"
},
{
"trust": 1.1,
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.1,
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"trust": 1.1,
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"trust": 1.1,
"url": "https://security.paloaltonetworks.com/cve-2017-5715"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx231399"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k91229003"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/solutions/len-18282"
},
{
"trust": 1.1,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"trust": 1.1,
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"trust": 1.1,
"url": "https://www.synology.com/support/security/synology_sa_18_01"
},
{
"trust": 1.1,
"url": "https://www.vmware.com/security/advisories/vmsa-2018-0007.html"
},
{
"trust": 1.1,
"url": "https://www.vmware.com/us/security/advisories/vmsa-2018-0002.html"
},
{
"trust": 1.1,
"url": "https://www.vmware.com/us/security/advisories/vmsa-2018-0004.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4213"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-18:03.speculative_execution.asc"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:26.mcu.asc"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/145645/spectre-information-disclosure-proof-of-concept.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/155281/freebsd-security-advisory-freebsd-sa-19-26.mcu.html"
},
{
"trust": 1.1,
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"trust": 1.1,
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"trust": 1.1,
"url": "https://spectreattack.com/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0292"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040071"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3531-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3531-3/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3560-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3561-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3581-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3581-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3582-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3582-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3594-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3690-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03871en_us"
},
{
"trust": 1.0,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026languageid=en-fr"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
},
{
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"trust": 0.8,
"url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/208.html"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
},
{
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
},
{
"trust": 0.8,
"url": "https://fortiguard.com/psirt/fg-ir-18-002"
},
{
"trust": 0.8,
"url": "https://support.hp.com/us-en/document/c06001626"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
},
{
"trust": 0.8,
"url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
},
{
"trust": 0.8,
"url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.8,
"url": "https://www.suse.com/support/kb/doc/?id=7022937"
},
{
"trust": 0.8,
"url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
},
{
"trust": 0.8,
"url": "https://kb.vmware.com/s/article/54951"
},
{
"trust": 0.8,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
},
{
"trust": 0.6,
"url": "https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-5715"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8824"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17712"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15115"
},
{
"trust": 0.2,
"url": "https://www.ubuntu.com/usn/usn-3531-1"
},
{
"trust": 0.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026amp;languageid=en-fr"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03871en_us"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3541-2,"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3523-2,"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-37.42~16.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3597-1,"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3597-2,"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0037"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0023"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0106"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8952"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3582-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1087.92"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1085.93"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-116.140"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1019.24"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12190"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1052.61"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu17.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu16.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu17.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu14.04.2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0060"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/3307851"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-36.40~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1011.14"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3581-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.13.0-1011.15"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3581-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1021.23"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15572"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1025.26"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15594"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1025.26~16.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17182"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3777-3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3777-1"
},
{
"trust": 0.1,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/spectreandmeltdown"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3541-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1006.8"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3541-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1017.18"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-31.34~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.13.0-1007.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1742933"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3531-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0+really20170707ubuntu16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0+really20170707ubuntu17.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0+really20170707ubuntu14.04.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-5753"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-5754"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0009"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00302"
},
{
"db": "VULHUB",
"id": "VHN-113918"
},
{
"db": "PACKETSTORM",
"id": "146772"
},
{
"db": "PACKETSTORM",
"id": "145676"
},
{
"db": "PACKETSTORM",
"id": "145660"
},
{
"db": "PACKETSTORM",
"id": "145999"
},
{
"db": "PACKETSTORM",
"id": "146526"
},
{
"db": "PACKETSTORM",
"id": "145853"
},
{
"db": "PACKETSTORM",
"id": "145713"
},
{
"db": "PACKETSTORM",
"id": "146525"
},
{
"db": "PACKETSTORM",
"id": "149917"
},
{
"db": "PACKETSTORM",
"id": "146019"
},
{
"db": "PACKETSTORM",
"id": "146009"
},
{
"db": "PACKETSTORM",
"id": "145636"
},
{
"db": "NVD",
"id": "CVE-2017-5715"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-00302",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113918",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146772",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145676",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145660",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145999",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146526",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145853",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145713",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146525",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "149917",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146019",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146009",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145636",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5715",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-21T00:00:00",
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00302",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-113918",
"ident": null
},
{
"date": "2018-03-15T15:54:52",
"db": "PACKETSTORM",
"id": "146772",
"ident": null
},
{
"date": "2018-01-05T00:37:41",
"db": "PACKETSTORM",
"id": "145676",
"ident": null
},
{
"date": "2018-01-04T17:52:11",
"db": "PACKETSTORM",
"id": "145660",
"ident": null
},
{
"date": "2018-01-22T03:06:00",
"db": "PACKETSTORM",
"id": "145999",
"ident": null
},
{
"date": "2018-02-22T10:13:00",
"db": "PACKETSTORM",
"id": "146526",
"ident": null
},
{
"date": "2018-01-12T01:15:58",
"db": "PACKETSTORM",
"id": "145853",
"ident": null
},
{
"date": "2018-01-06T18:00:08",
"db": "PACKETSTORM",
"id": "145713",
"ident": null
},
{
"date": "2018-02-22T10:11:00",
"db": "PACKETSTORM",
"id": "146525",
"ident": null
},
{
"date": "2018-10-23T23:24:55",
"db": "PACKETSTORM",
"id": "149917",
"ident": null
},
{
"date": "2018-01-23T04:32:21",
"db": "PACKETSTORM",
"id": "146019",
"ident": null
},
{
"date": "2018-01-22T03:17:00",
"db": "PACKETSTORM",
"id": "146009",
"ident": null
},
{
"date": "2018-01-04T00:53:47",
"db": "PACKETSTORM",
"id": "145636",
"ident": null
},
{
"date": "2018-01-04T13:29:00.227000",
"db": "NVD",
"id": "CVE-2017-5715",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-06-19T00:00:00",
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"date": "2018-01-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00302",
"ident": null
},
{
"date": "2020-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-113918",
"ident": null
},
{
"date": "2025-05-06T15:15:51.640000",
"db": "NVD",
"id": "CVE-2017-5715",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "146526"
},
{
"db": "PACKETSTORM",
"id": "145853"
},
{
"db": "PACKETSTORM",
"id": "146525"
},
{
"db": "PACKETSTORM",
"id": "149917"
},
{
"db": "PACKETSTORM",
"id": "146019"
},
{
"db": "PACKETSTORM",
"id": "146009"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "146526"
},
{
"db": "PACKETSTORM",
"id": "146525"
}
],
"trust": 0.2
}
}
VAR-201801-1711
Vulnerability from variot - Updated: 2026-03-09 21:41Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Spectre vulnerability exists in the CPU processor core. Because Intel does not separate low-privileged applications from accessing kernel memory, an attacker can use a malicious application to obtain private data that should be quarantined. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Intel and ARM CPU chips have an information disclosure vulnerability, which originates from a flaw in the processor data boundary mechanism. The following products and versions are affected: ARM Cortex-A75; Intel Xeon E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4; Xeon E3-1245 v2, v3, v5, v6; Xeon X7542 wait. Relevant releases/architectures:
Image Updates for RHV-H - noarch
- These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. ========================================================================== Ubuntu Security Notice USN-3522-4 January 10, 2018
linux-lts-xenial regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
USN-3522-2 introduced a regression in the Linux Hardware Enablement kernel. Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem.
We apologize for the inconvenience.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: linux-image-4.4.0-109-generic 4.4.0-109.132~14.04.1 linux-image-4.4.0-109-lowlatency 4.4.0-109.132~14.04.1 linux-image-generic-lts-xenial 4.4.0.109.92 linux-image-lowlatency-lts-xenial 4.4.0.109.92
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
This specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack. This solution might have a performance impact, and can be disabled at boot time by passing `pti=off' to the kernel command line.
We also identified a regression for ancient userspaces using the vsyscall interface, for example chroot and containers using (e)glibc 2.13 and older, including those based on Debian 7 or RHEL/CentOS 6.
The other vulnerabilities (named Spectre) published at the same time are not addressed in this update and will be fixed in a later update.
For the stable distribution (stretch), this problem has been fixed in version 4.9.65-3+deb9u2.
For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlpOqZMACgkQ3rYcyPpX RFuTTQf/btBqg9/I3XlnJFyGAmd4eQolTcU5cfDJqNhD4TZoyMocghvw1kYtu7z9 bYVhwCRukJym8O8AXJOxvlcsP7g0ANXqVDHpzCN8byKYgzigVP9brfOu/zDa4uYY EYf8V3pc2QzNo5OV4G+sK5ZklkDnNIde+OxUfU0Otl9fUG2rS5JTFvaRgvGazlbb cN5wltoHD6DBeSRnfadwYPHQR5U+KAJNImh34Y6T73i7n5dGTnNhs6E7n0wlJL9O SQLwoqQeiDpcE7C4TZ1pb4AbFCZXaic+1ONbWy8D7erKNA7kV1U2LQDmPDw9kmua Lc5heEX026Xfdy83v6NAPwR+NU8stg== =GGyG -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03805en_us Version: 4
HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2018-01-10 Last Updated: 2018-01-09
Potential Security Impact: Local: Disclosure of Information, Elevation of Privilege
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE.
Note:
- This issue takes advantage of techniques commonly used in many modern processor architectures.
-
For further information, microprocessor vendors have provided security advisories:
References:
- PSRT110634
- PSRT110633
- PSRT110632
- CVE-2017-5715 - aka Spectre, branch target injection
- CVE-2017-5753 - aka Spectre, bounds check bypass
- CVE-2017-5754 - aka Meltdown, rogue data cache load, memory access permission check performed after kernel memory read
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HPE ProLiant DL380 Gen10 Server prior to v1.28
- HPE ProLiant DL180 Gen10 Server prior to v1.28
- HPE ProLiant DL160 Gen10 Server prior to v1.28
- HPE ProLiant DL360 Gen10 Server prior to v1.28
- HPE ProLiant ML110 Gen10 Server prior to v1.28
- HPE ProLiant DL580 Gen10 Server prior to v1.28
- HPE ProLiant DL560 Gen10 Server prior to v1.28
- HPE ProLiant DL120 Gen10 Server prior to v1.28
- HPE ProLiant ML350 Gen10 Server prior to v1.28
- HPE ProLiant XL450 Gen10 Server prior to v1.28
- HPE ProLiant XL170r Gen10 Server prior to v1.28
- HPE ProLiant BL460c Gen10 Server Blade prior to v1.28
- HPE ProLiant XL230a Gen9 Server prior to v2.54
- HPE ProLiant XL230k Gen10 Server prior to v1.28
- HPE ProLiant XL730f Gen9 Server prior to v2.54
- HPE ProLiant XL740f Gen9 Server prior to v2.54
- HPE ProLiant XL750f Gen9 Server prior to v2.54
- HPE ProLiant XL170r Gen9 Server prior to v2.54
- HP ProLiant DL60 Gen9 Server prior to v2.54
- HPE ProLiant XL450 Gen9 Server prior to v2.54
- HP ProLiant DL160 Gen9 Server prior to v2.54
- HPE Apollo 4200 Gen9 Server prior to v2.54
- HP ProLiant BL460c Gen9 Server Blade prior to v2.54
- HP ProLiant ML110 Gen9 Server prior to v2.54
- HP ProLiant ML150 Gen9 Server prior to v2.54
- HPE ProLiant ML350 Gen9 Server prior to v2.54
- HP ProLiant DL380 Gen9 Server prior to v2.54
- HP ProLiant DL120 Gen9 Server prior to v2.54
- HPE ProLiant DL560 Gen9 Server prior to v2.54
- HPE ProLiant XL270d Gen9 Special Server prior to v2.54
- HP ProLiant BL660c Gen9 Server prior to v2.54
- HPE ProLiant m710x Server Cartridge prior to v1.60
- HPE ProLiant DL20 Gen9 Server prior to v2.52
- HPE ProLiant DL385 Gen10 Server prior to v1.04
- HPE Synergy 660 Gen9 Compute Module prior to v2.54
- HPE Synergy 480 Gen10 Compute Module prior to v1.28
- HPE Synergy 480 Gen9 Compute Module prior to v2.54
- HPE ProLiant ML30 Gen9 Server prior to v2.52
- HPE ProLiant XL190r Gen10 Server prior to v1.28
- HPE ProLiant XL250a Gen9 Server prior to v2.54
- HPE ProLiant XL190r Gen9 Server prior to v2.54
- HP ProLiant DL80 Gen9 Server prior to v2.54
- HPE ProLiant DL180 Gen9 Server prior to v2.54
- HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server prior to v2.54
- HPE ProLiant WS460c Gen9 Workstation prior to v2.54
- HPE ProLiant DL580 Gen9 Special Server prior to v2.54
- HPE Synergy 680 Gen9 Compute Modules prior to v2.54
- HPE ProLiant XL260a Gen9 Server prior to 1/22/2018
- HPE ProLiant m510 Server Cartridge prior to 1/22/2018
- HPE ProLiant m710p Server Cartridge prior to 12/12/2017
- HP ProLiant m350 Server Cartridge prior to 12/12/2017
- HP ProLiant m300 Server Cartridge prior to 12/12/2017
- HP ProLiant ML350e Gen8 Server prior to 12/12/2017
- HPE ProLiant ML350e Gen8 v2 Server prior to 12/12/2017
- HP ProLiant BL460c Gen8 Server prior to 12/12/2017
- HP ProLiant BL660c Gen8 Server prior to 12/12/2017
- HPE ProLiant SL4540 Gen8 1 Node Server prior to 12/12/2017
- HP ProLiant DL380e Gen8 Server prior to 12/12/2017
- HP ProLiant DL360e Gen8 Server prior to 12/12/2017
- HP ProLiant ML350p Gen8 Server prior to 12/12/2017
- HP ProLiant DL360p Gen8 Server prior to 12/12/2017
- HP ProLiant DL380p Gen8 Server prior to 12/12/2017
- HP ProLiant DL320e Gen8 Server prior to 12/12/2017
- HPE ProLiant DL320e Gen8 v2 Server prior to 12/12/2017
- HP ProLiant ML310e Gen8 Server prior to 12/12/2017
- HPE ProLiant ML310e Gen8 v2 Server prior to 12/12/2017
- HP ProLiant DL160 Gen8 Server prior to 12/12/2017
- HP ProLiant SL270s Gen8 Server prior to 12/12/2017
- HP ProLiant SL250s Gen8 Server prior to 12/12/2017
- HP ProLiant SL230s Gen8 Server prior to 12/12/2017
- HP ProLiant DL560 Gen8 Server prior to 12/12/2017
- HPE ProLiant SL210t Gen8 Server prior to 12/12/2017
- HP ProLiant DL580 Gen8 Server prior to 12/12/2017 (v1.98)
- HP ProLiant ML10 Server prior to 12/12/2017
- HP ProLiant m710 Server Cartridge prior to 12/12/2017 (v1.60)
- HPE Synergy Composer prior to 12/12/2017
- HPE Integrity Superdome X with BL920s Blades prior to 8.8.6
- HPE Superdome Flex Server prior to 2.3.110
- HP ProLiant DL360 Gen9 Server prior to v2.54
- HPE Synergy 620 Gen9 Compute Module prior to v2.54
- HPE ProLiant Thin Micro TM200 Server prior to 1/16/2017
- HPE ProLiant ML350 Gen10 Server prior to v1.28
- HP ProLiant BL420c Gen8 Server prior to 12/12/2017
- HPE ProLiant ML10 v2 Server prior to 12/12/2017
- HPE ProLiant MicroServer Gen8 prior to 12/12/2017
- HPE Synergy 660 Gen10 Compute Module prior to v1.28
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2017-5715
8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)
CVE-2017-5753
5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)
CVE-2017-5754
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following system ROM updates which include an updated microcode to resolve the vulnerability:
-
HPE has provided a customer bulletin https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us with specific instructions to obtain the udpated sytem ROM
-
Note:
- CVE-2017-5715 requires that the System ROM be updated and a vendor supplied operating system update be applied as well.
- For CVE-2017-5753, CVE-2017-5754 require only updates of a vendor supplied operating system.
- HPE will continue to add additional products to the list. Not all listed products have updated system ROMs yet. Impacted products awaiting system ROM updates are marked TBS (to be supplied).
HISTORY
Version:1 (rev.1) - 4 January 2018 Initial release
Version:2 (rev.2) - 5 January 2018 Added additional impacted products
Version:3 (rev.3) - 10 January 2018 Added more impacted products
Version:4 (rev.4) - 9 January 2018 Fixed product ID
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-18:03.speculative_execution Security Advisory The FreeBSD Project
Topic: Speculative Execution Vulnerabilities
Category: core Module: kernel Announced: 2018-03-14 Credits: Jann Horn (Google Project Zero); Werner Haas, Thomas Prescher (Cyberus Technology); Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology); Paul Kocher; Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus); Yuval Yarom (University of Adelaide and Data6) Affects: All supported versions of FreeBSD. Corrected: 2018-02-17 18:00:01 UTC (stable/11, 11.1-STABLE) 2018-03-14 04:00:00 UTC (releng/11.1, 11.1-RELEASE-p8) CVE Name: CVE-2017-5715, CVE-2017-5754
Special Note: Speculative execution vulnerability mitigation is a work in progress. This advisory addresses the most significant issues for FreeBSD 11.1 on amd64 CPUs. We expect to update this advisory to include 10.x for amd64 CPUs. Future FreeBSD releases will address this issue on i386 and other CPUs. freebsd-update will include changes on i386 as part of this update due to common code changes shared between amd64 and i386, however it contains no functional changes for i386 (in particular, it does not mitigate the issue on i386).
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I.
II. Problem Description
A number of issues relating to speculative execution were found last year and publicly announced January 3rd. Two of these, known as Meltdown and Spectre V2, are addressed here.
CVE-2017-5754 (Meltdown)
This issue relies on an affected CPU speculatively executing instructions beyond a faulting instruction. When this happens, changes to architectural state are not committed, but observable changes may be left in micro- architectural state (for example, cache). This may be used to infer privileged data.
CVE-2017-5715 (Spectre V2)
Spectre V2 uses branch target injection to speculatively execute kernel code at an address under the control of an attacker.
III. Impact
An attacker may be able to read secret data from the kernel or from a process when executing untrusted code (for example, in a web browser).
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility, followed by a reboot into the new kernel:
freebsd-update fetch
freebsd-update install
shutdown -r now
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.1]
fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch
fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch.asc
gpg --verify speculative_execution-amd64-11.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile your kernel as described in and reboot the system.
VI. Correction details
CVE-2017-5754 (Meltdown)
The mitigation is known as Page Table Isolation (PTI). PTI largely separates kernel and user mode page tables, so that even during speculative execution most of the kernel's data is unmapped and not accessible.
A demonstration of the Meltdown vulnerability is available at https://github.com/dag-erling/meltdown. A positive result is definitive (that is, the vulnerability exists with certainty). A negative result indicates either that the CPU is not affected, or that the test is not capable of demonstrating the issue on the CPU (and may need to be modified).
A patched kernel will automatically enable PTI on Intel CPUs. The status can be checked via the vm.pmap.pti sysctl:
sysctl vm.pmap.pti
vm.pmap.pti: 1
The default setting can be overridden by setting the loader tunable vm.pmap.pti to 1 or 0 in /boot/loader.conf. This setting takes effect only at boot.
PTI introduces a performance regression. The observed performance loss is significant in microbenchmarks of system call overhead, but is much smaller for many real workloads.
CVE-2017-5715 (Spectre V2)
There are two common mitigations for Spectre V2. This patch includes a mitigation using Indirect Branch Restricted Speculation, a feature available via a microcode update from processor manufacturers. The alternate mitigation, Retpoline, is a feature available in newer compilers. The feasibility of applying Retpoline to stable branches and/or releases is under investigation.
The patch includes the IBRS mitigation for Spectre V2. To use the mitigation the system must have an updated microcode; with older microcode a patched kernel will function without the mitigation.
IBRS can be disabled via the hw.ibrs_disable sysctl (and tunable), and the status can be checked via the hw.ibrs_active sysctl. IBRS may be enabled or disabled at runtime. Additional detail on microcode updates will follow.
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r329462 releng/11.1/ r330908
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqon0RfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n 5cKORw/+Lc5lxLhDgU1rQ0JF6sb2b80Ly5k+rJLXFWBvmEQt0uVyVkF4TMJ99M04 bcmrLbT4Pl0Csh/iEYvZQ4el12KvPDApHszsLTBgChD+KfCLvCZvBZzasgDWGD0E JhL4eIX0wjJ4oGGsT+TAqkmwXyAMJgWW/ZgZPFVXocylZTL3fV4g52VdG1Jnd2yu hnkViH2kVlVJqXX9AHlenIUfEmUiRUGrMh5oPPpFYDDmfJ+enZ8QLxfZtOKIliD7 u+2GP8V/bvaErkxqF5wwobybrBOMXpq9Y/fWw0EH/om7myevj/oORqK+ZmGZ17bl IRbdWxgjc1hN2TIMVn9q9xX6i0I0wSPwbpLYagKnSnE8WNVUTZUteaj1GKGTG1rj DFH2zOLlbRr/IXUFldM9b6VbZX6G5Ijxwy1DJzB/0KL5ZTbAReUR0pqHR7xpulbJ eDv8SKCwYiUpMuwPOXNdVlVLZSsH5/9A0cyjH3+E+eIhM8qyxw7iRFwA0DxnGVkr tkMo51Vl3Gl7JFFimGKljsE9mBh00m8B0WYJwknvfhdehO4WripcwI7/V5zL6cwj s018kaW4Xm77LOz6P1iN8nbcjZ9gN2AsPYUYYZqJxjCcZ7r489Hg9BhbDf0QtC0R gnwZWiZ/KuAy0C6vaHljsm0xPEM5nBz/yScFXDbuhEdmEgBBD6w= =fqrI -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security update Advisory ID: RHSA-2018:0018-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0018 Issue date: 2018-01-04 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.
Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.
In this update mitigations for x86-64 architecture are provided.
Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)
Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)
Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)
Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.
Red Hat would like to thank Google Project Zero for reporting these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/):
1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling
- Package List:
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: kernel-2.6.32-358.84.2.el6.src.rpm
noarch: kernel-doc-2.6.32-358.84.2.el6.noarch.rpm kernel-firmware-2.6.32-358.84.2.el6.noarch.rpm
x86_64: kernel-2.6.32-358.84.2.el6.x86_64.rpm kernel-debug-2.6.32-358.84.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm kernel-devel-2.6.32-358.84.2.el6.x86_64.rpm kernel-headers-2.6.32-358.84.2.el6.x86_64.rpm perf-2.6.32-358.84.2.el6.x86_64.rpm perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: kernel-2.6.32-358.84.2.el6.src.rpm
x86_64: kernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm python-perf-2.6.32-358.84.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5753 https://access.redhat.com/security/cve/CVE-2017-5715 https://access.redhat.com/security/cve/CVE-2017-5754
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. The vulnerability could be exploited to Local Disclosure of Information.
References:
- CVE-2017-5753
- CVE-2017-5715
- CVE-2017-5754
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01, v3.02, v3.03
- HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
RESOLUTION
Micro Focus is actively working with its vendors to address any systems-level Spectre and Meltdown impacts.However, if you have immediate concerns or questions regarding CentOS and its approach to Spectre or Meltdown, please contact them directly. Please note that you will need to sign in using a Passport account.
3P = 3rd Party Software GN = Micro Focus General Software MU = Multi-Platform Software
System management and security procedures must be reviewed frequently to maintain system integrity. Micro Focus is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends that all users determine the applicability of this information to their individual situations and take appropriate action. Micro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, Micro Focus will not be responsible for any damages resulting from user's use or disregard of the information provided in this Security Bulletin. To the extent permitted by law, Micro Focus disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2017 EntIT Software LLC
Micro Focus shall not be liable for technical or editorial errors or omissions contained herein
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "xeon e5 2650l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "720qm"
},
{
"_id": null,
"model": "xeon e3 1240l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7235"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "550"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6585r"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3710"
},
{
"_id": null,
"model": "xeon e5 2430l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210m"
},
{
"_id": null,
"model": "xeon e3 1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10c"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5550"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6154"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "740qm"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736g"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6510"
},
{
"_id": null,
"model": "xeon e3 1225 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3235rk"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4720hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4000m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2405s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8100"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860_v2"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3850"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2435m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3380m"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1545m_v5"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360"
},
{
"_id": null,
"model": "xeon e5 2637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2518"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3317u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700ec"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160t"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3160"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "460m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4807"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3480"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3580"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y32"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5677"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330m"
},
{
"_id": null,
"model": "xeon e3 1278l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v2"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x6550"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5750hq"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570r"
},
{
"_id": null,
"model": "xeon e3 1265l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2760qm"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6134m"
},
{
"_id": null,
"model": "xeon e5 2430 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "650"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3295rk"
},
{
"_id": null,
"model": "xeon e3 1280 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4109t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5550u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3690"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v2"
},
{
"_id": null,
"model": "xeon e5 2603 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6260u"
},
{
"_id": null,
"model": "xeon e5 2620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1281 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660"
},
{
"_id": null,
"model": "xeon e5 2450l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735d"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2340ue"
},
{
"_id": null,
"model": "xeon e5 2630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867l"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5618"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y30"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775c"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8180"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "760"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700eq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460"
},
{
"_id": null,
"model": "xeon e3 1225 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2650l_v4"
},
{
"_id": null,
"model": "xeon e5 2420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675c"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v2"
},
{
"_id": null,
"model": "xeon e5 2648l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5557u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v3"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3445"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3455"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5520"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2629m"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3700"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138f"
},
{
"_id": null,
"model": "xeon e5 2438l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5257u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5502"
},
{
"_id": null,
"model": "xeon bronze 3106",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2480"
},
{
"_id": null,
"model": "xeon e5 2470 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600t"
},
{
"_id": null,
"model": "xeon e5 2407 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2450 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2675qm"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2940"
},
{
"_id": null,
"model": "xeon e5 2609 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350k"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1850"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2358"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460t"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7285"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460s"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j2900"
},
{
"_id": null,
"model": "xeon e5 2609 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2550"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210u"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3808"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3350"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5200u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4260u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5506"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v3"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126f"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4750hq"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1515m_v5"
},
{
"_id": null,
"model": "xeon e3 1245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qm"
},
{
"_id": null,
"model": "xeon e5 2418l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2643 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4722hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5500u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8650u"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3205rk"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v5"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5560"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2540m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5650"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3720qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210"
},
{
"_id": null,
"model": "core m7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y75"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3785"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820eq"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5120t"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3827"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2102"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610me"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1800"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330e"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3010"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "470um"
},
{
"_id": null,
"model": "xeon e5 1428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v3"
},
{
"_id": null,
"model": "xeon e5 2430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v2"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4890_v2"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5649"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "610e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370t"
},
{
"_id": null,
"model": "xeon e5 2428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667"
},
{
"_id": null,
"model": "xeon e5 2618l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2300"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "530"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3060"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660lm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5690"
},
{
"_id": null,
"model": "xeon e5 2643 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2390t"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4105"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2515e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560m"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3530"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4880_v2"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176f"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1565l_v5"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4648_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600u"
},
{
"_id": null,
"model": "xeon e5 1660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2467m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850hq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5680"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8857_v2"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8837"
},
{
"_id": null,
"model": "xeon e5 2620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4800mq"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2830"
},
{
"_id": null,
"model": "xeon e3 1505l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3406"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4628l_v4"
},
{
"_id": null,
"model": "xeon e5 2618l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5120"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3480"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2665"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v2"
},
{
"_id": null,
"model": "xeon e3 1220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500t"
},
{
"_id": null,
"model": "xeon e5 2630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2550k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3689y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700hq"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3538"
},
{
"_id": null,
"model": "xeon e3 1265l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5672"
},
{
"_id": null,
"model": "xeon e5 1650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hk"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v2"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3570"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3350p"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3440"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3560"
},
{
"_id": null,
"model": "xeon e5 1680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3437u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300y"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3460"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3355"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6157u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5667"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160f"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v4"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4624l_v2"
},
{
"_id": null,
"model": "xeon e5 1650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6140m"
},
{
"_id": null,
"model": "xeon e3 1268l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4550u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2520"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200u"
},
{
"_id": null,
"model": "xeon e5 2608l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2803"
},
{
"_id": null,
"model": "xeon e5 2643 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5518"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980x"
},
{
"_id": null,
"model": "xeon e5 1620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2538"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3308"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y51"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640um"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4250u"
},
{
"_id": null,
"model": "xeon e5 2637 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7250"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770r"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3955"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2357m"
},
{
"_id": null,
"model": "xeon e3 1270 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hq"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3530"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2460"
},
{
"_id": null,
"model": "xeon e3 1220 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1230 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8158"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6006u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4158u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217ue"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v2"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2750"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585l_v5"
},
{
"_id": null,
"model": "xeon e5 2408l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116t"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3758"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3360m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112e"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7530"
},
{
"_id": null,
"model": "xeon e5 1650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2348m"
},
{
"_id": null,
"model": "xeon e3 1275 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j2850"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v2"
},
{
"_id": null,
"model": "xeon e3 1240 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v2"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3229y"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3845"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2308"
},
{
"_id": null,
"model": "xeon e3 1280 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702ec"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650"
},
{
"_id": null,
"model": "xeon e5 2637 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620ue"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5503"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6200u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4510u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5640"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200m"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y71"
},
{
"_id": null,
"model": "xeon e5 2630l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5122"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2370m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3427u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5575r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4558u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710mq"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8168"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2630qm"
},
{
"_id": null,
"model": "xeon e3 1241 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4422e"
},
{
"_id": null,
"model": "xeon e3 1230l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1260l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2312m"
},
{
"_id": null,
"model": "xeon e3 1225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l7555"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700"
},
{
"_id": null,
"model": "xeon e3 1271 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3635qm"
},
{
"_id": null,
"model": "xeon e3 1260l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6167u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330te"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6134"
},
{
"_id": null,
"model": "xeon e3 1245 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7567u"
},
{
"_id": null,
"model": "xeon e5 1650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2760"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "965"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3115c"
},
{
"_id": null,
"model": "xeon e3 1245 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1275 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5670"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2738"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940xm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3430"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660ue"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "975"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v2"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5675"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450m"
},
{
"_id": null,
"model": "xeon e3 1240 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658"
},
{
"_id": null,
"model": "xeon e5 2623 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qm"
},
{
"_id": null,
"model": "xeon e3 1285 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4000"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470s"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3470"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4760hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "990x"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200h"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8600k"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6146"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4960hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v3"
},
{
"_id": null,
"model": "xeon e5 2628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7600u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v3"
},
{
"_id": null,
"model": "xeon e5 2630 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5950hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3590"
},
{
"_id": null,
"model": "xeon e5 1428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v3"
},
{
"_id": null,
"model": "xeon e5 2448l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5549"
},
{
"_id": null,
"model": "xeon e5 2428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745d"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l7545"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850eq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5508"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2350"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2560"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2758"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120me"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7560u"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5509"
},
{
"_id": null,
"model": "xeon e5 2637 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3540m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y75"
},
{
"_id": null,
"model": "xeon e3 1285l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3958"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6102e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4302y"
},
{
"_id": null,
"model": "xeon e5 2418l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3805"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3825"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770d"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2558"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3337u"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3508"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4100"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850_v2"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8153"
},
{
"_id": null,
"model": "xeon e5 2603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5118"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2910"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3405"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2657m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5250u"
},
{
"_id": null,
"model": "xeon e3 1286l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5115"
},
{
"_id": null,
"model": "xeon e3 12201 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1280",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590t"
},
{
"_id": null,
"model": "xeon e5 2640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2643",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "880"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3820qm"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2520m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650u"
},
{
"_id": null,
"model": "xeon e3 1285 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5640"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4005"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3826"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2367m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3740qm"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2808"
},
{
"_id": null,
"model": "xeon e3 1225 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5647"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6148f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4980hq"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3710"
},
{
"_id": null,
"model": "xeon e3 1240l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402ec"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2715qe"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4020y"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3460"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2130"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3670"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850hq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v2"
},
{
"_id": null,
"model": "xeon e5 2430l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2718"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2610ue"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "390m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v3"
},
{
"_id": null,
"model": "xeon e5 2448l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4025u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6360u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7920hq"
},
{
"_id": null,
"model": "xeon e5 2407",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870hq"
},
{
"_id": null,
"model": "xeon e3 1275",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v2"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v3"
},
{
"_id": null,
"model": "xeon e3 1270 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "930"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2655le"
},
{
"_id": null,
"model": "xeon e3 1268l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2807"
},
{
"_id": null,
"model": "xeon e3 1501m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y31"
},
{
"_id": null,
"model": "xeon e5 2618l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8550u"
},
{
"_id": null,
"model": "xeon e3 1220 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2603 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150t"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5506"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130f"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920xm"
},
{
"_id": null,
"model": "xeon e3 1245 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3630qm"
},
{
"_id": null,
"model": "xeon e5 2450l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670k"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2840"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7542"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620m"
},
{
"_id": null,
"model": "xeon e3 1225 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2410m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400t"
},
{
"_id": null,
"model": "xeon e5 1620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3130"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3339y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2620m"
},
{
"_id": null,
"model": "xeon e3 1276 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1558l_v5"
},
{
"_id": null,
"model": "xeon e3 1505m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4108"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2516"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "950"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2960xm"
},
{
"_id": null,
"model": "xeon e5 2650l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "840qm"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699r_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4500u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4400e"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6152"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300t"
},
{
"_id": null,
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3815"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v4"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2920"
},
{
"_id": null,
"model": "xeon e5 1620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6685r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770s"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2815"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7230f"
},
{
"_id": null,
"model": "xeon e3 1220l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "970"
},
{
"_id": null,
"model": "xeon e3 1230 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3225"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v3"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "875k"
},
{
"_id": null,
"model": "xeon e3 1235l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350h"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1578l_v5"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3840qm"
},
{
"_id": null,
"model": "xeon e3 1226 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v6"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4308u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2920xm"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3338"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712mq"
},
{
"_id": null,
"model": "xeon e5 1428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3230m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2720qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3227u"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740d"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5530"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v4"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2930"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702mq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "ec5539"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5157u"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8164"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658a_v3"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690"
},
{
"_id": null,
"model": "xeon e5 2648l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2603",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2380p"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "lc5528"
},
{
"_id": null,
"model": "xeon e3 1275 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700mq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5606"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4005u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640lm"
},
{
"_id": null,
"model": "xeon e5 2628l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138t"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y57"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "820qm"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3450"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600k"
},
{
"_id": null,
"model": "xeon e3 1285 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2730"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5300u"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3426"
},
{
"_id": null,
"model": "xeon e3 12201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v4"
},
{
"_id": null,
"model": "xeon e5 2418l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3475s"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340te"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2637m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3750"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120m"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1750"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "580m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5540"
},
{
"_id": null,
"model": "xeon e5 1630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6136"
},
{
"_id": null,
"model": "xeon e5 2450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699a_v4"
},
{
"_id": null,
"model": "xeon e5 2403",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4785t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2375m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860hq"
},
{
"_id": null,
"model": "xeon e3 1270 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3200rk"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770te"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585_v5"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735g"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "670"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "960"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6128"
},
{
"_id": null,
"model": "xeon e5 2403 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440eq"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7290"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qe"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2700k"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3230rk"
},
{
"_id": null,
"model": "xeon e3 1501l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7540"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v2"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3160"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2649m"
},
{
"_id": null,
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4205"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2580"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6402p"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8830"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7295"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5660"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4950hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660um"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3558"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520m"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e7520"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402e"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3950"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2617m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697a_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870_v2"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870"
},
{
"_id": null,
"model": "xeon e3 1245 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3667u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v3"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2806"
},
{
"_id": null,
"model": "xeon e5 1630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775r"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736f"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7550"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2557m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4578u"
},
{
"_id": null,
"model": "xeon e5 2470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v3"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6144"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3050"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2316"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "350m"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030u"
},
{
"_id": null,
"model": "xeon e5 2648l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5645"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6148"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5590"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4910mq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6287u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100u"
},
{
"_id": null,
"model": "xeon e3 1220 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e-1105c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v3"
},
{
"_id": null,
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "75"
},
{
"_id": null,
"model": "xeon e3 1258l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6130t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4202y"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100h"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700eq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2320"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8250u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100e"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3858"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610m"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2508"
},
{
"_id": null,
"model": "xeon e3 1235",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1125c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650l"
},
{
"_id": null,
"model": "xeon e3 1270 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3520m"
},
{
"_id": null,
"model": "xeon e5 2640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7660u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4410e"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5638"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1575m_v5"
},
{
"_id": null,
"model": "xeon e3 1220 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750"
},
{
"_id": null,
"model": "xeon e5 2609 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3060"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670qm"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "370m"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2810"
},
{
"_id": null,
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j1900"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2430m"
},
{
"_id": null,
"model": "xeon e5 1620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2630l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7210f"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6132"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5630"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6126t"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2890_v2"
},
{
"_id": null,
"model": "xeon e5 1660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4200"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v4"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5607"
},
{
"_id": null,
"model": "xeon e3 1240 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4012y"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y70"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v3"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4771"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520e"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3520"
},
{
"_id": null,
"model": "xeon e5 2420 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6540"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "lc5518"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850_v2"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5650u"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620um"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5620"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5530"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "480m"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775d"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620lm"
},
{
"_id": null,
"model": "xeon e3 1246 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1265l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4278u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3130m"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7230"
},
{
"_id": null,
"model": "xeon e3 1275l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2640m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5119t"
},
{
"_id": null,
"model": "xeon e5 2623 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2125"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2805"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4657l_v2"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y30"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517ue"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5570"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5520"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3320m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3245"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2420"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2510e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3632qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710hq"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6150"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v3"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3687u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5015u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6267u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300u"
},
{
"_id": null,
"model": "xeon e3 1275 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1285l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v4"
},
{
"_id": null,
"model": "xeon e3 1280 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4765t"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3830"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670t"
},
{
"_id": null,
"model": "xeon e5 1660",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340s"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w3680"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5287u"
},
{
"_id": null,
"model": "xeon e5 2630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v3"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7290f"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2635qm"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2530"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670r"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v4"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300"
},
{
"_id": null,
"model": "xeon e3 1230 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v4"
},
{
"_id": null,
"model": "xeon e5 2440 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5603"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "655k"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v2"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450p"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4102e"
},
{
"_id": null,
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1505m_v6"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qe"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4810mq"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7250f"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8400"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5609"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210h"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3708"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6442eq"
},
{
"_id": null,
"model": "xeon e3 1290 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2648l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 1680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1125c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v4"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3439y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2365m"
},
{
"_id": null,
"model": "xeon e3 1231 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8156"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6098p"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790k"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5504"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6138"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3110m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4288u"
},
{
"_id": null,
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qe"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4900mq"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5630"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2537m"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2830"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3555le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350u"
},
{
"_id": null,
"model": "xeon e3 1505l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5020u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "661"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2677m"
},
{
"_id": null,
"model": "xeon e5 2628l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700hq"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3510"
},
{
"_id": null,
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2338"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8894_v4"
},
{
"_id": null,
"model": "xeon e3 1230 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4258u"
},
{
"_id": null,
"model": "xeon e5 2609",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5 2650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5507"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n2820"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100t"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680"
},
{
"_id": null,
"model": "xeon e5 2640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5010u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010u"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4617"
},
{
"_id": null,
"model": "xeon e3 1280 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2377m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2115c"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2710qe"
},
{
"_id": null,
"model": "pentium n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3540"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700hq"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v3"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5580"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4120u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2350m"
},
{
"_id": null,
"model": "xeon e3 1105c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6140"
},
{
"_id": null,
"model": "xeon phi",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7210"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4220y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500te"
},
{
"_id": null,
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770k"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x7560"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6350hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430s"
},
{
"_id": null,
"model": "xeon e3 1286 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3450"
},
{
"_id": null,
"model": "xeon bronze 3104",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e3 1290",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v4"
},
{
"_id": null,
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2880_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v2"
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v3"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6320"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5005u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680um"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3795"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "450m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702hq"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10a"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5687"
},
{
"_id": null,
"model": "xeon e3 1240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v4"
},
{
"_id": null,
"model": "xeon e5 2620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330e"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y54"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2328m"
},
{
"_id": null,
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6142m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380um"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2105"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3150"
},
{
"_id": null,
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3000"
},
{
"_id": null,
"model": "xeon e5 2608l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770"
},
{
"_id": null,
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735f"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440hq"
},
{
"_id": null,
"model": "atom x3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3265rk"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3537u"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell emc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qualcomm incorporated",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "windows server r2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "hat enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "windows windows server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2012"
},
{
"_id": null,
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "v8"
},
{
"_id": null,
"model": "windows server r2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2012"
},
{
"_id": null,
"model": "edge",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"_id": null,
"model": "internet explorer",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "11"
},
{
"_id": null,
"model": "windows server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2016"
},
{
"_id": null,
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "8.10"
},
{
"_id": null,
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "8.10"
},
{
"_id": null,
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "1015110"
},
{
"_id": null,
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "1015110"
},
{
"_id": null,
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "10"
},
{
"_id": null,
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "10"
},
{
"_id": null,
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101511"
},
{
"_id": null,
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101511"
},
{
"_id": null,
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101607"
},
{
"_id": null,
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101607"
},
{
"_id": null,
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101703"
},
{
"_id": null,
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101703"
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7"
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "tvos",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "11.2"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "11.2"
},
{
"_id": null,
"model": "xeon cpu e5-1650",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "12.5.7"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "12.5.5"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "12.5.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "12.0"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.5.8"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.5.6"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.5.4"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.5.2"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.1.1"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.1"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.0.2"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.0.1"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.5.5"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.5"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "8.0"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.5"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.0"
},
{
"_id": null,
"model": "hat enterprise linux server tus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7.4"
},
{
"_id": null,
"model": "hat enterprise linux server tus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7.2"
},
{
"_id": null,
"model": "hat enterprise linux server tus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "6.6"
},
{
"_id": null,
"model": "hat enterprise linux server aus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7.4"
},
{
"_id": null,
"model": "hat enterprise linux server aus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7.2"
},
{
"_id": null,
"model": "hat enterprise linux server aus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "7.3"
},
{
"_id": null,
"model": "hat enterprise linux server aus",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "6.6"
},
{
"_id": null,
"model": "macos",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "10.13.2"
},
{
"_id": null,
"model": "cloud services platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2100"
},
{
"_id": null,
"model": "vbond orchestrator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vedge cloud",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vedge",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "vedge",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2000"
},
{
"_id": null,
"model": "vedge",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "100"
},
{
"_id": null,
"model": "vedge",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1000"
},
{
"_id": null,
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"_id": null,
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"_id": null,
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"_id": null,
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"_id": null,
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"_id": null,
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00303"
},
{
"db": "BID",
"id": "106128"
},
{
"db": "NVD",
"id": "CVE-2017-5754"
}
]
},
"credits": {
"_id": null,
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "106128"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5754",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2017-5754",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2018-00303",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-113957",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2017-5754",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5754",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-00303",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113957",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00303"
},
{
"db": "VULHUB",
"id": "VHN-113957"
},
{
"db": "NVD",
"id": "CVE-2017-5754"
}
]
},
"description": {
"_id": null,
"data": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Spectre vulnerability exists in the CPU processor core. Because Intel does not separate low-privileged applications from accessing kernel memory, an attacker can use a malicious application to obtain private data that should be quarantined. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Intel and ARM CPU chips have an information disclosure vulnerability, which originates from a flaw in the processor data boundary mechanism. The following products and versions are affected: ARM Cortex-A75; Intel Xeon E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4; Xeon E3-1245 v2, v3, v5, v6; Xeon X7542 wait. Relevant releases/architectures:\n\nImage Updates for RHV-H - noarch\n\n3. These\npackages include redhat-release-virtualization-host, ovirt-node, and\nrhev-hypervisor. RHVH features a Cockpit user interface for\nmonitoring the host\u0027s resources and performing administrative tasks. ==========================================================================\nUbuntu Security Notice USN-3522-4\nJanuary 10, 2018\n\nlinux-lts-xenial regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n\nSummary:\n\nUSN-3522-2 introduced a regression in the Linux Hardware Enablement kernel. \nUnfortunately, that update introduced a regression where a few systems\nfailed to boot successfully. This update fixes the problem. \n\nWe apologize for the inconvenience. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n linux-image-4.4.0-109-generic 4.4.0-109.132~14.04.1\n linux-image-4.4.0-109-lowlatency 4.4.0-109.132~14.04.1\n linux-image-generic-lts-xenial 4.4.0.109.92\n linux-image-lowlatency-lts-xenial 4.4.0.109.92\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nThis specific attack has been named Meltdown and is addressed in the Linux\nkernel for the Intel x86-64 architecture by a patch set named Kernel Page Table\nIsolation, enforcing a near complete separation of the kernel and userspace\naddress maps and preventing the attack. This solution might have a performance\nimpact, and can be disabled at boot time by passing `pti=off\u0027 to the kernel\ncommand line. \n\nWe also identified a regression for ancient userspaces using the vsyscall\ninterface, for example chroot and containers using (e)glibc 2.13 and older,\nincluding those based on Debian 7 or RHEL/CentOS 6. \n\nThe other vulnerabilities (named Spectre) published at the same time are not\naddressed in this update and will be fixed in a later update. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 4.9.65-3+deb9u2. \n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlpOqZMACgkQ3rYcyPpX\nRFuTTQf/btBqg9/I3XlnJFyGAmd4eQolTcU5cfDJqNhD4TZoyMocghvw1kYtu7z9\nbYVhwCRukJym8O8AXJOxvlcsP7g0ANXqVDHpzCN8byKYgzigVP9brfOu/zDa4uYY\nEYf8V3pc2QzNo5OV4G+sK5ZklkDnNIde+OxUfU0Otl9fUG2rS5JTFvaRgvGazlbb\ncN5wltoHD6DBeSRnfadwYPHQR5U+KAJNImh34Y6T73i7n5dGTnNhs6E7n0wlJL9O\nSQLwoqQeiDpcE7C4TZ1pb4AbFCZXaic+1ONbWy8D7erKNA7kV1U2LQDmPDw9kmua\nLc5heEX026Xfdy83v6NAPwR+NU8stg==\n=GGyG\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03805en_us\nVersion: 4\n\nHPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel,\nAMD, and ARM, with Speculative Execution, Elevation of Privilege and\nInformation Disclosure. \n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2018-01-10\nLast Updated: 2018-01-09\n\nPotential Security Impact: Local: Disclosure of Information, Elevation of\nPrivilege\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nOn January 3 2018, side-channel security vulnerabilities involving\nspeculative execution were publicly disclosed. These vulnerabilities may\nimpact the listed HPE products, potentially leading to information disclosure\nand elevation of privilege. Mitigation and resolution of these\nvulnerabilities may call for both an operating system update, provided by the\nOS vendor, and a system ROM update from HPE. \n\n\n**Note:**\n\n * This issue takes advantage of techniques commonly used in many modern\nprocessor architectures. \n * For further information, microprocessor vendors have provided security\nadvisories:\n \n - Intel:\n\u003chttps://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu\ngeid=en-fr\u003e\n - AMD: \u003chttp://www.amd.com/en/corporate/speculative-execution\u003e\n - ARM: \u003chttps://developer.arm.com/support/security-update\u003e\n\nReferences:\n\n - PSRT110634\n - PSRT110633\n - PSRT110632\n - CVE-2017-5715 - aka Spectre, branch target injection\n - CVE-2017-5753 - aka Spectre, bounds check bypass\n - CVE-2017-5754 - aka Meltdown, rogue data cache load, memory access\npermission check performed after kernel memory read\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HPE ProLiant DL380 Gen10 Server prior to v1.28\n - HPE ProLiant DL180 Gen10 Server prior to v1.28\n - HPE ProLiant DL160 Gen10 Server prior to v1.28\n - HPE ProLiant DL360 Gen10 Server prior to v1.28\n - HPE ProLiant ML110 Gen10 Server prior to v1.28\n - HPE ProLiant DL580 Gen10 Server prior to v1.28\n - HPE ProLiant DL560 Gen10 Server prior to v1.28\n - HPE ProLiant DL120 Gen10 Server prior to v1.28\n - HPE ProLiant ML350 Gen10 Server prior to v1.28\n - HPE ProLiant XL450 Gen10 Server prior to v1.28\n - HPE ProLiant XL170r Gen10 Server prior to v1.28\n - HPE ProLiant BL460c Gen10 Server Blade prior to v1.28\n - HPE ProLiant XL230a Gen9 Server prior to v2.54\n - HPE ProLiant XL230k Gen10 Server prior to v1.28\n - HPE ProLiant XL730f Gen9 Server prior to v2.54\n - HPE ProLiant XL740f Gen9 Server prior to v2.54\n - HPE ProLiant XL750f Gen9 Server prior to v2.54\n - HPE ProLiant XL170r Gen9 Server prior to v2.54\n - HP ProLiant DL60 Gen9 Server prior to v2.54\n - HPE ProLiant XL450 Gen9 Server prior to v2.54\n - HP ProLiant DL160 Gen9 Server prior to v2.54\n - HPE Apollo 4200 Gen9 Server prior to v2.54\n - HP ProLiant BL460c Gen9 Server Blade prior to v2.54\n - HP ProLiant ML110 Gen9 Server prior to v2.54\n - HP ProLiant ML150 Gen9 Server prior to v2.54 \n - HPE ProLiant ML350 Gen9 Server prior to v2.54\n - HP ProLiant DL380 Gen9 Server prior to v2.54\n - HP ProLiant DL120 Gen9 Server prior to v2.54\n - HPE ProLiant DL560 Gen9 Server prior to v2.54\n - HPE ProLiant XL270d Gen9 Special Server prior to v2.54\n - HP ProLiant BL660c Gen9 Server prior to v2.54\n - HPE ProLiant m710x Server Cartridge prior to v1.60\n - HPE ProLiant DL20 Gen9 Server prior to v2.52\n - HPE ProLiant DL385 Gen10 Server prior to v1.04\n - HPE Synergy 660 Gen9 Compute Module prior to v2.54\n - HPE Synergy 480 Gen10 Compute Module prior to v1.28\n - HPE Synergy 480 Gen9 Compute Module prior to v2.54\n - HPE ProLiant ML30 Gen9 Server prior to v2.52\n - HPE ProLiant XL190r Gen10 Server prior to v1.28\n - HPE ProLiant XL250a Gen9 Server prior to v2.54\n - HPE ProLiant XL190r Gen9 Server prior to v2.54\n - HP ProLiant DL80 Gen9 Server prior to v2.54\n - HPE ProLiant DL180 Gen9 Server prior to v2.54\n - HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server\nprior to v2.54\n - HPE ProLiant WS460c Gen9 Workstation prior to v2.54\n - HPE ProLiant DL580 Gen9 Special Server prior to v2.54\n - HPE Synergy 680 Gen9 Compute Modules prior to v2.54\n - HPE ProLiant XL260a Gen9 Server prior to 1/22/2018\n - HPE ProLiant m510 Server Cartridge prior to 1/22/2018\n - HPE ProLiant m710p Server Cartridge prior to 12/12/2017\n - HP ProLiant m350 Server Cartridge prior to 12/12/2017\n - HP ProLiant m300 Server Cartridge prior to 12/12/2017\n - HP ProLiant ML350e Gen8 Server prior to 12/12/2017\n - HPE ProLiant ML350e Gen8 v2 Server prior to 12/12/2017\n - HP ProLiant BL460c Gen8 Server prior to 12/12/2017\n - HP ProLiant BL660c Gen8 Server prior to 12/12/2017\n - HPE ProLiant SL4540 Gen8 1 Node Server prior to 12/12/2017\n - HP ProLiant DL380e Gen8 Server prior to 12/12/2017\n - HP ProLiant DL360e Gen8 Server prior to 12/12/2017\n - HP ProLiant ML350p Gen8 Server prior to 12/12/2017\n - HP ProLiant DL360p Gen8 Server prior to 12/12/2017\n - HP ProLiant DL380p Gen8 Server prior to 12/12/2017\n - HP ProLiant DL320e Gen8 Server prior to 12/12/2017\n - HPE ProLiant DL320e Gen8 v2 Server prior to 12/12/2017\n - HP ProLiant ML310e Gen8 Server prior to 12/12/2017\n - HPE ProLiant ML310e Gen8 v2 Server prior to 12/12/2017\n - HP ProLiant DL160 Gen8 Server prior to 12/12/2017\n - HP ProLiant SL270s Gen8 Server prior to 12/12/2017\n - HP ProLiant SL250s Gen8 Server prior to 12/12/2017\n - HP ProLiant SL230s Gen8 Server prior to 12/12/2017\n - HP ProLiant DL560 Gen8 Server prior to 12/12/2017\n - HPE ProLiant SL210t Gen8 Server prior to 12/12/2017\n - HP ProLiant DL580 Gen8 Server prior to 12/12/2017 (v1.98)\n - HP ProLiant ML10 Server prior to 12/12/2017\n - HP ProLiant m710 Server Cartridge prior to 12/12/2017 (v1.60)\n - HPE Synergy Composer prior to 12/12/2017\n - HPE Integrity Superdome X with BL920s Blades prior to 8.8.6\n - HPE Superdome Flex Server prior to 2.3.110\n - HP ProLiant DL360 Gen9 Server prior to v2.54\n - HPE Synergy 620 Gen9 Compute Module prior to v2.54\n - HPE ProLiant Thin Micro TM200 Server prior to 1/16/2017\n - HPE ProLiant ML350 Gen10 Server prior to v1.28\n - HP ProLiant BL420c Gen8 Server prior to 12/12/2017\n - HPE ProLiant ML10 v2 Server prior to 12/12/2017\n - HPE ProLiant MicroServer Gen8 prior to 12/12/2017\n - HPE Synergy 660 Gen10 Compute Module prior to v1.28\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2017-5715\n 8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N\n 6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)\n\n CVE-2017-5753\n 5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\n 5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2017-5754\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\n 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following system ROM updates which include an updated\nmicrocode to resolve the vulnerability:\n\n * HPE has provided a customer bulletin\n\u003chttps://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us\u003e\nwith specific instructions to obtain the udpated sytem ROM\n \n - Note:\n \n + CVE-2017-5715 requires that the System ROM be updated and a vendor\nsupplied operating system update be applied as well. \n + For CVE-2017-5753, CVE-2017-5754 require only updates of a vendor\nsupplied operating system. \n + HPE will continue to add additional products to the list. Not all\nlisted products have updated system ROMs yet. Impacted products awaiting\nsystem ROM updates are marked TBS (to be supplied). \n\nHISTORY\n\nVersion:1 (rev.1) - 4 January 2018 Initial release\n\nVersion:2 (rev.2) - 5 January 2018 Added additional impacted products\n\nVersion:3 (rev.3) - 10 January 2018 Added more impacted products\n\nVersion:4 (rev.4) - 9 January 2018 Fixed product ID\n\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-18:03.speculative_execution Security Advisory\n The FreeBSD Project\n\nTopic: Speculative Execution Vulnerabilities\n\nCategory: core\nModule: kernel\nAnnounced: 2018-03-14\nCredits: Jann Horn (Google Project Zero); Werner Haas, Thomas\n Prescher (Cyberus Technology); Daniel Gruss, Moritz Lipp,\n Stefan Mangard, Michael Schwarz (Graz University of\n Technology); Paul Kocher; Daniel Genkin (University of\n Pennsylvania and University of Maryland), Mike Hamburg\n (Rambus); Yuval Yarom (University of Adelaide and Data6)\nAffects: All supported versions of FreeBSD. \nCorrected: 2018-02-17 18:00:01 UTC (stable/11, 11.1-STABLE)\n 2018-03-14 04:00:00 UTC (releng/11.1, 11.1-RELEASE-p8)\nCVE Name: CVE-2017-5715, CVE-2017-5754\n\nSpecial Note:\tSpeculative execution vulnerability mitigation is a work\n in progress. This advisory addresses the most significant\n issues for FreeBSD 11.1 on amd64 CPUs. We expect to update\n this advisory to include 10.x for amd64 CPUs. Future FreeBSD\n releases will address this issue on i386 and other CPUs. \n freebsd-update will include changes on i386 as part of this\n update due to common code changes shared between amd64 and\n i386, however it contains no functional changes for i386 (in\n particular, it does not mitigate the issue on i386). \n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. \n\nII. Problem Description\n\nA number of issues relating to speculative execution were found last year\nand publicly announced January 3rd. Two of these, known as Meltdown and\nSpectre V2, are addressed here. \n\nCVE-2017-5754 (Meltdown)\n- ------------------------\n\nThis issue relies on an affected CPU speculatively executing instructions\nbeyond a faulting instruction. When this happens, changes to architectural\nstate are not committed, but observable changes may be left in micro-\narchitectural state (for example, cache). This may be used to infer\nprivileged data. \n\nCVE-2017-5715 (Spectre V2)\n- --------------------------\n\nSpectre V2 uses branch target injection to speculatively execute kernel code\nat an address under the control of an attacker. \n\nIII. Impact\n\nAn attacker may be able to read secret data from the kernel or from a\nprocess when executing untrusted code (for example, in a web browser). \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date,\nand reboot. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility, followed\nby a reboot into the new kernel:\n\n# freebsd-update fetch\n# freebsd-update install\n# shutdown -r now\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.1]\n# fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch.asc\n# gpg --verify speculative_execution-amd64-11.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:https://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\nVI. Correction details\n\nCVE-2017-5754 (Meltdown)\n- ------------------------\n\nThe mitigation is known as Page Table Isolation (PTI). PTI largely separates\nkernel and user mode page tables, so that even during speculative execution\nmost of the kernel\u0027s data is unmapped and not accessible. \n\nA demonstration of the Meltdown vulnerability is available at\nhttps://github.com/dag-erling/meltdown. A positive result is definitive\n(that is, the vulnerability exists with certainty). A negative result\nindicates either that the CPU is not affected, or that the test is not\ncapable of demonstrating the issue on the CPU (and may need to be modified). \n\nA patched kernel will automatically enable PTI on Intel CPUs. The status can\nbe checked via the vm.pmap.pti sysctl:\n\n# sysctl vm.pmap.pti\nvm.pmap.pti: 1\n\nThe default setting can be overridden by setting the loader tunable\nvm.pmap.pti to 1 or 0 in /boot/loader.conf. This setting takes effect only\nat boot. \n\nPTI introduces a performance regression. The observed performance loss is\nsignificant in microbenchmarks of system call overhead, but is much smaller\nfor many real workloads. \n\nCVE-2017-5715 (Spectre V2)\n- --------------------------\n\nThere are two common mitigations for Spectre V2. This patch includes a\nmitigation using Indirect Branch Restricted Speculation, a feature available\nvia a microcode update from processor manufacturers. The alternate\nmitigation, Retpoline, is a feature available in newer compilers. The\nfeasibility of applying Retpoline to stable branches and/or releases is under\ninvestigation. \n\nThe patch includes the IBRS mitigation for Spectre V2. To use the mitigation\nthe system must have an updated microcode; with older microcode a patched\nkernel will function without the mitigation. \n\nIBRS can be disabled via the hw.ibrs_disable sysctl (and tunable), and the\nstatus can be checked via the hw.ibrs_active sysctl. IBRS may be enabled or\ndisabled at runtime. Additional detail on microcode updates will follow. \n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r329462\nreleng/11.1/ r330908\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqon0RfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD\nMEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n\n5cKORw/+Lc5lxLhDgU1rQ0JF6sb2b80Ly5k+rJLXFWBvmEQt0uVyVkF4TMJ99M04\nbcmrLbT4Pl0Csh/iEYvZQ4el12KvPDApHszsLTBgChD+KfCLvCZvBZzasgDWGD0E\nJhL4eIX0wjJ4oGGsT+TAqkmwXyAMJgWW/ZgZPFVXocylZTL3fV4g52VdG1Jnd2yu\nhnkViH2kVlVJqXX9AHlenIUfEmUiRUGrMh5oPPpFYDDmfJ+enZ8QLxfZtOKIliD7\nu+2GP8V/bvaErkxqF5wwobybrBOMXpq9Y/fWw0EH/om7myevj/oORqK+ZmGZ17bl\nIRbdWxgjc1hN2TIMVn9q9xX6i0I0wSPwbpLYagKnSnE8WNVUTZUteaj1GKGTG1rj\nDFH2zOLlbRr/IXUFldM9b6VbZX6G5Ijxwy1DJzB/0KL5ZTbAReUR0pqHR7xpulbJ\neDv8SKCwYiUpMuwPOXNdVlVLZSsH5/9A0cyjH3+E+eIhM8qyxw7iRFwA0DxnGVkr\ntkMo51Vl3Gl7JFFimGKljsE9mBh00m8B0WYJwknvfhdehO4WripcwI7/V5zL6cwj\ns018kaW4Xm77LOz6P1iN8nbcjZ9gN2AsPYUYYZqJxjCcZ7r489Hg9BhbDf0QtC0R\ngnwZWiZ/KuAy0C6vaHljsm0xPEM5nBz/yScFXDbuhEdmEgBBD6w=\n=fqrI\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security update\nAdvisory ID: RHSA-2018:0018-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:0018\nIssue date: 2018-01-04\n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6.4\nAdvanced Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a commonly\nused performance optimization). There are three primary variants of the\nissue which differ in the way the speculative execution can be exploited. \n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. The updated kernel packages provide software mitigation\nfor this hardware issue at a cost of potential performance penalty. Please\nrefer to References section for further information about this issue and\nthe performance impact. \n\nIn this update mitigations for x86-64 architecture are provided. \n\nVariant CVE-2017-5753 triggers the speculative execution by performing a\nbounds-check bypass. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nboundary and read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing\nbranch target injection. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nand guest/host boundaries and read privileged memory by conducting targeted\ncache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors,\nduring speculative execution of instruction permission faults, exception\ngeneration triggered by a faulting access is suppressed until the\nretirement of the whole instruction block. In a combination with the fact\nthat memory accesses may populate the cache even when the block is being\ndropped and never committed (executed), an unprivileged local attacker\ncould use this flaw to read privileged (kernel space) memory by conducting\ntargeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64\nmicroprocessors are not affected by this issue. \n\nRed Hat would like to thank Google Project Zero for reporting these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/):\n\n1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass\n1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nkernel-2.6.32-358.84.2.el6.src.rpm\n\nnoarch:\nkernel-doc-2.6.32-358.84.2.el6.noarch.rpm\nkernel-firmware-2.6.32-358.84.2.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debug-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-devel-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-headers-2.6.32-358.84.2.el6.x86_64.rpm\nperf-2.6.32-358.84.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nkernel-2.6.32-358.84.2.el6.src.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\npython-perf-2.6.32-358.84.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://access.redhat.com/security/cve/CVE-2017-5753\nhttps://access.redhat.com/security/cve/CVE-2017-5715\nhttps://access.redhat.com/security/cve/CVE-2017-5754\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. The vulnerability could be exploited to Local Disclosure of\nInformation. \n\nReferences:\n\n - CVE-2017-5753\n - CVE-2017-5715\n - CVE-2017-5754\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01,\nv3.02, v3.03\n - HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n\nRESOLUTION\n\nMicro Focus is actively working with its vendors to address any systems-level\nSpectre and Meltdown impacts.However, if you have immediate concerns or\nquestions regarding CentOS and its approach to Spectre or Meltdown, please\ncontact them directly. \n Please note that you will need to sign in using a Passport account. \n\n3P = 3rd Party Software\nGN = Micro Focus General Software\nMU = Multi-Platform Software\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. \nMicro Focus is continually reviewing and enhancing the security features of software products to provide \ncustomers with current secure solutions. \n\n\"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the \naffected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends \nthat all users determine the applicability of this information to their individual situations and take appropriate action. \nMicro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, \nMicro Focus will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in \nthis Security Bulletin. To the extent permitted by law, Micro Focus disclaims all warranties, either express or \nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\" \n\n\nCopyright 2017 EntIT Software LLC\n\nMicro Focus shall not be liable for technical or editorial errors or omissions contained herein",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5754"
},
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00303"
},
{
"db": "BID",
"id": "106128"
},
{
"db": "VULHUB",
"id": "VHN-113957"
},
{
"db": "PACKETSTORM",
"id": "145796"
},
{
"db": "PACKETSTORM",
"id": "145718"
},
{
"db": "PACKETSTORM",
"id": "145964"
},
{
"db": "PACKETSTORM",
"id": "145836"
},
{
"db": "PACKETSTORM",
"id": "145695"
},
{
"db": "PACKETSTORM",
"id": "145809"
},
{
"db": "PACKETSTORM",
"id": "146762"
},
{
"db": "PACKETSTORM",
"id": "145651"
},
{
"db": "PACKETSTORM",
"id": "145654"
},
{
"db": "PACKETSTORM",
"id": "147582"
}
],
"trust": 3.42
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-113957",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113957"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5754",
"trust": 3.0
},
{
"db": "CERT/CC",
"id": "VU#584653",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#180049",
"trust": 1.9
},
{
"db": "BID",
"id": "102378",
"trust": 1.7
},
{
"db": "BID",
"id": "106128",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1040071",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.1
},
{
"db": "LENOVO",
"id": "LEN-18282",
"trust": 1.1
},
{
"db": "CERT@VDE",
"id": "VDE-2018-003",
"trust": 1.1
},
{
"db": "CERT@VDE",
"id": "VDE-2018-002",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA18-141A",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-00303",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "145836",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145796",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145695",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145824",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145794",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145804",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146067",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145795",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145811",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145810",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201801-151",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113957",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145718",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145964",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145809",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145651",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145654",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147582",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00303"
},
{
"db": "VULHUB",
"id": "VHN-113957"
},
{
"db": "BID",
"id": "106128"
},
{
"db": "PACKETSTORM",
"id": "145796"
},
{
"db": "PACKETSTORM",
"id": "145718"
},
{
"db": "PACKETSTORM",
"id": "145964"
},
{
"db": "PACKETSTORM",
"id": "145836"
},
{
"db": "PACKETSTORM",
"id": "145695"
},
{
"db": "PACKETSTORM",
"id": "145809"
},
{
"db": "PACKETSTORM",
"id": "146762"
},
{
"db": "PACKETSTORM",
"id": "145651"
},
{
"db": "PACKETSTORM",
"id": "145654"
},
{
"db": "PACKETSTORM",
"id": "147582"
},
{
"db": "NVD",
"id": "CVE-2017-5754"
}
]
},
"id": "VAR-201801-1711",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00303"
},
{
"db": "VULHUB",
"id": "VHN-113957"
}
],
"trust": 1.2838988233333333
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-00303"
}
]
},
"last_update_date": "2026-03-09T21:41:51.114000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113957"
},
{
"db": "NVD",
"id": "CVE-2017-5754"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"trust": 1.9,
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102378"
},
{
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"trust": 1.6,
"url": "https://support.apple.com//ht208394"
},
{
"trust": 1.6,
"url": "http://www.dell.com/support/speculative-store-bypass"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/106128"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180104-cpusidechannel"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"trust": 1.1,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-001.txt"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
},
{
"trust": 1.1,
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"trust": 1.1,
"url": "https://aws.amazon.com/de/security/security-bulletins/aws-2018-013/"
},
{
"trust": 1.1,
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"trust": 1.1,
"url": "https://cdrdv2.intel.com/v1/dl/getcontent/685358"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.1,
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"trust": 1.1,
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"trust": 1.1,
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx231399"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx234679"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k91229003"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/solutions/len-18282"
},
{
"trust": 1.1,
"url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
},
{
"trust": 1.1,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"trust": 1.1,
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"trust": 1.1,
"url": "https://www.synology.com/support/security/synology_sa_18_01"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4078"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4082"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-18:03.speculative_execution.asc"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"trust": 1.1,
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"trust": 1.1,
"url": "https://meltdownattack.com/"
},
{
"trust": 1.1,
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0292"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040071"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3522-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3522-3/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3522-4/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3523-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3523-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3524-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/usn/usn-3525-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3583-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03871en_us"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
},
{
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"trust": 0.8,
"url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/208.html"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
},
{
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
},
{
"trust": 0.8,
"url": "https://fortiguard.com/psirt/fg-ir-18-002"
},
{
"trust": 0.8,
"url": "https://support.hp.com/us-en/document/c06001626"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
},
{
"trust": 0.8,
"url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
},
{
"trust": 0.8,
"url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.8,
"url": "https://www.suse.com/support/kb/doc/?id=7022937"
},
{
"trust": 0.8,
"url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
},
{
"trust": 0.8,
"url": "https://kb.vmware.com/s/article/54951"
},
{
"trust": 0.8,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
},
{
"trust": 0.6,
"url": "https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
},
{
"trust": 0.3,
"url": "http://code.google.com/android/"
},
{
"trust": 0.3,
"url": "http://www.qualcomm.com/"
},
{
"trust": 0.3,
"url": "https://source.android.com/security/bulletin/2018-12-01.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-5753"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-5754"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-5715"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
},
{
"trust": 0.2,
"url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-a00039267en_us\u003e"
},
{
"trust": 0.2,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://developer.arm.com/support/security-update\u003e"
},
{
"trust": 0.2,
"url": "http://www.amd.com/en/corporate/speculative-execution\u003e"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03871en_us"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-139.188"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3524-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0047"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/3307851"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1741934,"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-109.132~14.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3522-2"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3522-1"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3522-4"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/linux"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-18:03/speculative_execution-amd64-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5715\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-18:03.speculative_execution.asc\u003e"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/kernelconfig.html\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5754\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://github.com/dag-erling/meltdown."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-18:03/speculative_execution-amd64-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0018"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2018:0020"
},
{
"trust": 0.1,
"url": "https://www.microfocus.com/support-and-services/report-security"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification"
},
{
"trust": 0.1,
"url": "https://cf.passport.softwaregrp.com/hppcf/createuser.do"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/security-vulnerability"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/km03158629"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-00303"
},
{
"db": "VULHUB",
"id": "VHN-113957"
},
{
"db": "BID",
"id": "106128"
},
{
"db": "PACKETSTORM",
"id": "145796"
},
{
"db": "PACKETSTORM",
"id": "145718"
},
{
"db": "PACKETSTORM",
"id": "145964"
},
{
"db": "PACKETSTORM",
"id": "145836"
},
{
"db": "PACKETSTORM",
"id": "145695"
},
{
"db": "PACKETSTORM",
"id": "145809"
},
{
"db": "PACKETSTORM",
"id": "146762"
},
{
"db": "PACKETSTORM",
"id": "145651"
},
{
"db": "PACKETSTORM",
"id": "145654"
},
{
"db": "PACKETSTORM",
"id": "147582"
},
{
"db": "NVD",
"id": "CVE-2017-5754"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-00303",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113957",
"ident": null
},
{
"db": "BID",
"id": "106128",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145796",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145718",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145964",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145836",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145695",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145809",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "146762",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145651",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145654",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "147582",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5754",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-21T00:00:00",
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00303",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-113957",
"ident": null
},
{
"date": "2018-12-03T00:00:00",
"db": "BID",
"id": "106128",
"ident": null
},
{
"date": "2018-01-10T00:58:28",
"db": "PACKETSTORM",
"id": "145796",
"ident": null
},
{
"date": "2018-01-06T18:01:06",
"db": "PACKETSTORM",
"id": "145718",
"ident": null
},
{
"date": "2018-01-18T20:41:22",
"db": "PACKETSTORM",
"id": "145964",
"ident": null
},
{
"date": "2018-01-11T03:36:00",
"db": "PACKETSTORM",
"id": "145836",
"ident": null
},
{
"date": "2018-01-05T15:21:55",
"db": "PACKETSTORM",
"id": "145695",
"ident": null
},
{
"date": "2018-01-11T02:31:24",
"db": "PACKETSTORM",
"id": "145809",
"ident": null
},
{
"date": "2018-03-14T14:01:12",
"db": "PACKETSTORM",
"id": "146762",
"ident": null
},
{
"date": "2018-01-04T17:50:36",
"db": "PACKETSTORM",
"id": "145651",
"ident": null
},
{
"date": "2018-01-04T17:51:10",
"db": "PACKETSTORM",
"id": "145654",
"ident": null
},
{
"date": "2018-05-10T23:27:00",
"db": "PACKETSTORM",
"id": "147582",
"ident": null
},
{
"date": "2018-01-04T13:29:00.303000",
"db": "NVD",
"id": "CVE-2017-5754",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-06-19T00:00:00",
"db": "CERT/CC",
"id": "VU#180049",
"ident": null
},
{
"date": "2018-01-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00303",
"ident": null
},
{
"date": "2021-11-19T00:00:00",
"db": "VULHUB",
"id": "VHN-113957",
"ident": null
},
{
"date": "2018-12-03T00:00:00",
"db": "BID",
"id": "106128",
"ident": null
},
{
"date": "2024-11-21T03:28:19.677000",
"db": "NVD",
"id": "CVE-2017-5754",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "106128"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "106128"
}
],
"trust": 0.3
}
}
VAR-200705-0681
Vulnerability from variot - Updated: 2026-03-09 21:39Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer.". Apache is prone to multiple denial-of-service vulnerabilities. An attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible.
A vulnerability was found in the Apache mod_cache module that could cause the httpd server child process to crash if it was sent a carefully crafted request. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01182588 Version: 1
HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-10 Last Updated: 2007-10-10
Potential Security Impact: Remote Unauthorized Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2007-3847, CVE-2007-3304
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00
BACKGROUND
To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended action has been taken.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01 hpuxwsAPACHE,revision=B.2.0.59.00
action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability.
OS Release Depot name MD5 Sum
B.11.11 (IPv4) HPUXWSA-B218-01-1111ipv4.depot eb3bb933baac0f05e1e0809ef1e84eb2
B.11.11 (IPv6) HPUXWSA-B218-01-1111ipv6.depot 540a56b155699336bcbfac0eaf87e3ce
B.11.23 PA-32 HPUXWSA-B218-01-1123-32.depot 2900a0cbea01b6905dc768680fbd5381
B.11.23 IA-64 HPUXWSA-B218-01-1123-64.depot 3be084d96e8a509692e37c71c0184014
B.11.31 PA-32 HPUXWSA-B218-01-1131-32.depot 861122eef70f1b53d68c5adafc64cdb5
B.11.31 IA-64 HPUXWSA-B218-01-1131-64.depot 8dc57222257fe27fb5994da16e91f9a4
The updates are available from: ftp://ssrt1476:ssrt1476@hprc.external.hp.com/ ftp://ssrt1476:ssrt1476@192.170.19.100/
MANUAL ACTIONS: Yes - Update Install Apache 2.0.59.00.0 or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 10 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux
TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy 7CP41v96ckMOtfU4yeG76pv2 =VMzd -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2009-0010 Synopsis: VMware Hosted products update libpng and Apache HTTP Server Issue date: 2009-08-20 Updated on: 2009-08-20 (initial release of advisory) CVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863 CVE-2006-5752 CVE-2007-3304 CVE-2007-6388 CVE-2007-5000 CVE-2008-0005
- Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.39"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.37 and earlier"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"_id": null,
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"_id": null,
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "1.3.37"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"_id": null,
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)5.0"
},
{
"_id": null,
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)4.2"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"_id": null,
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "ses",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "intuity lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.021"
},
{
"_id": null,
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.017"
},
{
"_id": null,
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "software foundation mpm prefork",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "software foundation apache 2.3.38-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "software foundation apache 2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24215"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
}
]
},
"credits": {
"_id": null,
"data": "Blazej Miga",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3304",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CVE-2007-3304",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3304",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3304",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-316",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2007-3304",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"description": {
"_id": null,
"data": "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\". Apache is prone to multiple denial-of-service vulnerabilities. \nAn attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible. \n \n A vulnerability was found in the Apache mod_cache module that could\n cause the httpd server child process to crash if it was sent a\n carefully crafted request. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01182588\nVersion: 1\n\nHPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-10\nLast Updated: 2007-10-10\n\nPotential Security Impact: Remote Unauthorized Denial of Service (DoS) \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2007-3847, CVE-2007-3304\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00\n\nBACKGROUND\n\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended action has been taken. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \nhpuxwsAPACHE,revision=B.2.0.59.00 \n\naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \n\nOS Release \n Depot name \n MD5 Sum \n \nB.11.11 (IPv4)\n HPUXWSA-B218-01-1111ipv4.depot\n eb3bb933baac0f05e1e0809ef1e84eb2\n \nB.11.11 (IPv6) \n HPUXWSA-B218-01-1111ipv6.depot\n 540a56b155699336bcbfac0eaf87e3ce\n \nB.11.23 PA-32\n HPUXWSA-B218-01-1123-32.depot\n 2900a0cbea01b6905dc768680fbd5381\n \nB.11.23 IA-64\n HPUXWSA-B218-01-1123-64.depot\n 3be084d96e8a509692e37c71c0184014\n \nB.11.31 PA-32\n HPUXWSA-B218-01-1131-32.depot\n 861122eef70f1b53d68c5adafc64cdb5\n \nB.11.31 IA-64\n HPUXWSA-B218-01-1131-64.depot\n 8dc57222257fe27fb5994da16e91f9a4\n \n\nThe updates are available from: \nftp://ssrt1476:ssrt1476@hprc.external.hp.com/ \nftp://ssrt1476:ssrt1476@192.170.19.100/ \n\nMANUAL ACTIONS: Yes - Update \nInstall Apache 2.0.59.00.0 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 10 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n -verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS \nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\n\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy\n7CP41v96ckMOtfU4yeG76pv2\n=VMzd\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2009-0010\nSynopsis: VMware Hosted products update libpng and Apache HTTP\n Server\nIssue date: 2009-08-20\nUpdated on: 2009-08-20 (initial release of advisory)\nCVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863\n CVE-2006-5752 CVE-2007-3304 CVE-2007-6388\n CVE-2007-5000 CVE-2008-0005\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-3304",
"trust": 3.4
},
{
"db": "BID",
"id": "24215",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2007-3100",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4305",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3494",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26211",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26759",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28212",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28224",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26790",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27209",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27121",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26611",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25827",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.7
},
{
"db": "SREASON",
"id": "2814",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "38939",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018304",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-3304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"id": "VAR-200705-0681",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2026-03-09T21:39:20.113000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Fixed in Apache httpd 1.3.39-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.39-dev"
},
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Revision 551843",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?view=markup"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01182588"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02273.html"
},
{
"title": "PK50467",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK50467"
},
{
"title": "PK55141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK55141"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "httpd (V3.0/V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1093"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0532.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0556.html"
},
{
"title": "RHSA-2007:0662",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0662.html"
},
{
"title": "103179",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0532J.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0556J.html"
},
{
"title": "RHSA-2007:0662",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0662J.html"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
},
{
"title": "Apache HTTP Server Worker Repair measures for multiple local denial of service vulnerabilities in the process",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=145950"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-499-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2007-3304 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/24215"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-363.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk53984"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "http://security.psnc.pl/files/apache_report.pdf"
},
{
"trust": 1.7,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111"
},
{
"trust": 1.7,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=547987"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1710"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk50467\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:142"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0662.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018304"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25827"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26211"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26611"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26759"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26790"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27121"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27209"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2814"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28212"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28224"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01182588"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3494"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3100"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3420"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4305"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.7,
"url": "http://osvdb.org/38939"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35095"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11589"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/471832/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/469899/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=118252946632447\u0026w=2"
},
{
"trust": 1.1,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-p.asc"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.ga15192%40redhat.com%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3304"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev/200706.mbox/%3c20070629141032.ga15192@redhat.com%3e"
},
{
"trust": 0.6,
"url": "http://mail-archives.apache.org/mod_mbox/"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev\u0026m=118252946632447\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.info/?l=apache-"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-012.htm"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.6"
},
{
"trust": 0.3,
"url": "/archive/1/482486"
},
{
"trust": 0.3,
"url": "/archive/1/469899"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk50467"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0662.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.ga15192@redhat.com%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2007-3304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/499-1/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2007-3304",
"ident": null
},
{
"db": "BID",
"id": "24215",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57505",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60039",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57507",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58667",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-3304",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2007-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3304",
"ident": null
},
{
"date": "2007-05-29T00:00:00",
"db": "BID",
"id": "24215",
"ident": null
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505",
"ident": null
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"date": "2007-10-12T04:41:53",
"db": "PACKETSTORM",
"id": "60039",
"ident": null
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"date": "2007-07-07T04:32:02",
"db": "PACKETSTORM",
"id": "57507",
"ident": null
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667",
"ident": null
},
{
"date": "2007-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-316",
"ident": null
},
{
"date": "2007-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000477",
"ident": null
},
{
"date": "2007-06-20T22:30:00",
"db": "NVD",
"id": "CVE-2007-3304",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2022-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3304",
"ident": null
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24215",
"ident": null
},
{
"date": "2022-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-316",
"ident": null
},
{
"date": "2009-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000477",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-3304",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "Apache HTTP Server of Prefork MPM Service disruption in modules (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
],
"trust": 0.6
}
}
VAR-200009-0023
Vulnerability from variot - Updated: 2026-03-09 21:39VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. Some applications for Microsoft Windows may use unsafe methods for determining how to load DLLs. As a result, these applications can be forced to load a DLL from an attacker-controlled source rather than a trusted location. Windows Program DLL There is an attackable vulnerability in reading. Dynamic link Library (DLL) Is a software component that is loaded at run time, not at program compile time. The program is LoadLibrary() And LoadLibraryEx() Using DLL Is read. Read DLL If no path is specified, specific directories are searched in order and found first. DLL Is loaded. Since this directory group includes the current directory of the process, the directory that can be operated by the attacker is set as the current directory. LoadLibrary() If is called, attack code may be executed. This issue can occur when browsing files located in directories that an attacker can manipulate. Read DLL The name depends on the program. DLL Read Windows The entire program may be affected. " Opera Software "and" Adobe Vulnerability information on " : Mitsui Bussan Secure Direction Co., Ltd. Takashi Yoshikawa MrA remote attacker could execute arbitrary code with the authority to execute the program. Attacker crafted DLL The USB Placing it on a drive or network drive may cause an attack. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Tools package used in VMWare products does not properly access the function library. An attacker can exploit this issue by enticing a user to open a malicious file from a network share. The issue can be exploited on Windows guest operating systems Successful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects the following products: Workstation Player ACE Server Fusion ESX ESXi NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. This file could be in any file format.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-238A
Microsoft Windows Insecurely Loads Dynamic Libraries
Original release date: August 26, 2010 Last revised: -- Source: US-CERT
Systems Affected
Any application running on the Microsoft Windows platform that
uses dynamically linked libraries (DLLs) may be affected. Please see the Vendor Information
section of Vulnerability Note VU#707943 for information about
specific vendors. DLLs are typically loaded
when the application is first started; however DLLs may be loaded and unloaded while the application is running. An application can request a DLL file in a variety of ways, and Windows uses several different search algorithms to find DLL files. The interaction between the application and Windows can result in a DLL file being loaded from the current working directory of the application, instead of the Windows system directory or the directory where the application is installed.
The current working directory could be the desktop, a removable storage device such as a USB key, a Windows file share, or a WebDAV location. When a file associated with an application is opened, a DLL in the same directory as the file may be loaded. Although an attacker may not have permission to write to the Windows system or application directories, the attacker may be able to write a DLL to a directory used to store files, or the attacker could provide their own directory.
Attacks against this type of vulnerability have been referred to as "binary planting." Please see Vulnerability Note VU#707943 and Microsoft Security Advisory 2269637 for more information.
II. Impact
By placing a DLL with the correct name (and possibly the relative directory path) in the current working directory, an attacker could execute arbitrary code with the privileges of the application that loads the DLL.
III. Solution
Individual applications that run on the Windows platform may require patches or updates. Microsoft Knowledge Base article KB2264107 describes an update that provides a registry key that can prevent Windows from searching the current working directory for DLL files.
Information about specific solutions for different vendors, general mitigation techniques, and secure ways for applications to load DLLs can be found in the Vendor Information and Solution sections of Vulnerability Note VU#707943.
IV. References
-
Vulnerability Note VU#707943 - http://www.kb.cert.org/vuls/id/707943
-
Microsoft Security Advisory (2269637) - http://www.microsoft.com/technet/security/advisory/2269637.mspx
-
A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm - http://support.microsoft.com/kb/2264107
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-238A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-238A Feedback VU#707943" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
Impact
Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information.
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).
Workaround
There is no known workaround at this time.
Gentoo discontinued support for VMware Workstation. We recommend that users unmerge VMware Server:
# emerge --unmerge "app-emulation/vmware-server"
References
[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.0.3"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.5"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.4"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "abvent",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "atomix productions",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "autodesk",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avast antivirus",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bentley",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bittorrent",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bitmanagement",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conceiva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "corel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyberlink",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "daemon tools",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dassault systemes",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "divx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ezb",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ecava",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fengtao",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gfi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "graphisoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gilles vollant",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guidance",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "httrack",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "izarc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "inkscape",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "maxthon",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netstumbler",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "norman",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nullsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pgp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pkware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pixia",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "realnetworks",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sisoftware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "smart projects",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonic",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sweetscape",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "teamviewer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "techsmith",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tortoisesvn",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tracker",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "videolan",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "winmerge",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wireshark",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wolters kluwer",
"version": null
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"_id": null,
"model": "lhaforge",
"scope": "lte",
"trust": 0.8,
"vendor": "claybird",
"version": "1.5.1 and earlier"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.3"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.4"
},
{
"_id": null,
"model": "securebranch",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "soho xp dedicated application securebranch accessmanager ver2.2.18 before"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"_id": null,
"model": "explzh",
"scope": "lte",
"trust": 0.8,
"vendor": "pon",
"version": "v.5.65 and earlier"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "9"
},
{
"_id": null,
"model": "securebranch",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "soho vista dedicated application securebranch accessmanager ver3.0.13 before"
},
{
"_id": null,
"model": "lunascape",
"scope": "lte",
"trust": 0.8,
"vendor": "lunascape",
"version": "6.3.0 and earlier"
},
{
"_id": null,
"model": "securefinger",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "fingerprint authentication runtime ( c / s edition) all versions"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "client v7.1"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.5"
},
{
"_id": null,
"model": "esmpro/serveragentservice",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "lhmelt",
"scope": "lte",
"trust": 0.8,
"vendor": "micco",
"version": "1.65.1.2 and earlier"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "download server v7.1"
},
{
"_id": null,
"model": "esmpro/serveragent",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "client v5.3"
},
{
"_id": null,
"model": "terapad",
"scope": "lte",
"trust": 0.8,
"vendor": "terao progress",
"version": "ver.1.00\\u3000 and earlier"
},
{
"_id": null,
"model": "sleipnir",
"scope": "lte",
"trust": 0.8,
"vendor": "fenrir",
"version": "2.9.5 and earlier"
},
{
"_id": null,
"model": "securefinger",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "fingerprint authentication utility ad all versions"
},
{
"_id": null,
"model": "lhaplus",
"scope": "lte",
"trust": 0.8,
"vendor": "schezo",
"version": "1.57 and earlier"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.3"
},
{
"_id": null,
"model": "infoframe documentskipper",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "downloader v5.3"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "download contents v8.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "5.5.x"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.4"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "3.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esxi",
"version": "3.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esxi",
"version": "4.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "2.5.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "3.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "3.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "4.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"_id": null,
"model": "movie decoder",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6"
},
{
"_id": null,
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2147997"
},
{
"_id": null,
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"_id": null,
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.5"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:ace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esxi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
}
]
},
"credits": {
"_id": null,
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1141",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2010-1141",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "46c824c0-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1141",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#707943",
"trust": 0.8,
"value": "64.13"
},
{
"author": "NVD",
"id": "CVE-2010-1141",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-160",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1141",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"description": {
"_id": null,
"data": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. Some applications for Microsoft Windows may use unsafe methods for determining how to load DLLs. As a result, these applications can be forced to load a DLL from an attacker-controlled source rather than a trusted location. Windows Program DLL There is an attackable vulnerability in reading. Dynamic link Library (DLL) Is a software component that is loaded at run time, not at program compile time. The program is LoadLibrary() And LoadLibraryEx() Using DLL Is read. Read DLL If no path is specified, specific directories are searched in order and found first. DLL Is loaded. Since this directory group includes the current directory of the process, the directory that can be operated by the attacker is set as the current directory. LoadLibrary() If is called, attack code may be executed. This issue can occur when browsing files located in directories that an attacker can manipulate. Read DLL The name depends on the program. DLL Read Windows The entire program may be affected. \" Opera Software \"and\" Adobe Vulnerability information on \" : Mitsui Bussan Secure Direction Co., Ltd. Takashi Yoshikawa MrA remote attacker could execute arbitrary code with the authority to execute the program. Attacker crafted DLL The USB Placing it on a drive or network drive may cause an attack. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Tools package used in VMWare products does not properly access the function library. \nAn attacker can exploit this issue by enticing a user to open a malicious file from a network share. The issue can be exploited on Windows guest operating systems\nSuccessful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nThis issue affects the following products:\nWorkstation\nPlayer\nACE\nServer\nFusion\nESX\nESXi\nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. This file could be in any file format. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. \n Exploitation of this issue may lead to arbitrary code execution on\n the system where VMrc is installed. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-238A\n\n\nMicrosoft Windows Insecurely Loads Dynamic Libraries\n\n Original release date: August 26, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n Any application running on the Microsoft Windows platform that\n uses dynamically linked libraries (DLLs) may be affected. Please see the Vendor Information\n section of Vulnerability Note VU#707943 for information about\n specific vendors. DLLs are typically loaded\n when the application is first started; however DLLs may be loaded\n and unloaded while the application is running. An application can\n request a DLL file in a variety of ways, and Windows uses several\n different search algorithms to find DLL files. The interaction\n between the application and Windows can result in a DLL file being\n loaded from the current working directory of the application,\n instead of the Windows system directory or the directory where the\n application is installed. \n\n The current working directory could be the desktop, a removable\n storage device such as a USB key, a Windows file share, or a WebDAV\n location. When a file associated with an application is opened, a\n DLL in the same directory as the file may be loaded. Although an\n attacker may not have permission to write to the Windows system or\n application directories, the attacker may be able to write a DLL to\n a directory used to store files, or the attacker could provide\n their own directory. \n\n Attacks against this type of vulnerability have been referred to as\n \"binary planting.\" Please see Vulnerability Note VU#707943 and\n Microsoft Security Advisory 2269637 for more information. \n\n\nII. Impact\n\n By placing a DLL with the correct name (and possibly the relative\n directory path) in the current working directory, an attacker could\n execute arbitrary code with the privileges of the application that\n loads the DLL. \n\n\nIII. Solution\n\n Individual applications that run on the Windows platform may\n require patches or updates. Microsoft Knowledge Base article\n KB2264107 describes an update that provides a registry key that can\n prevent Windows from searching the current working directory for\n DLL files. \n\n Information about specific solutions for different vendors, general\n mitigation techniques, and secure ways for applications to load\n DLLs can be found in the Vendor Information and Solution sections\n of Vulnerability Note VU#707943. \n\n\nIV. References\n\n * Vulnerability Note VU#707943 -\n \u003chttp://www.kb.cert.org/vuls/id/707943\u003e\n\n * Microsoft Security Advisory (2269637) -\n \u003chttp://www.microsoft.com/technet/security/advisory/2269637.mspx\u003e\n\n * A new CWDIllegalInDllSearch registry entry is available to control\n the DLL search path algorithm -\n \u003chttp://support.microsoft.com/kb/2264107\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-238A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-238A Feedback VU#707943\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/vmware-player\n \u003c= 2.5.5.328052 Vulnerable!\n 2 app-emulation/vmware-workstation\n \u003c= 6.5.5.328052 Vulnerable!\n 3 app-emulation/vmware-server\n \u003c= 1.0.9.156507 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nLocal users may be able to gain escalated privileges, cause a Denial of\nService, or gain sensitive information. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nGentoo discontinued support for VMware Workstation. We recommend that users\nunmerge VMware Server:\n\n # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 2 ] CVE-2007-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[ 3 ] CVE-2007-5671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[ 4 ] CVE-2008-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[ 5 ] CVE-2008-1340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[ 6 ] CVE-2008-1361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[ 7 ] CVE-2008-1362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[ 8 ] CVE-2008-1363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[ 9 ] CVE-2008-1364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1141"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
}
],
"trust": 4.59
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2010-1141",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39198",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023832",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1023833",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#707943",
"trust": 1.7
},
{
"db": "USCERT",
"id": "TA10-238A",
"trust": 1.7
},
{
"db": "BID",
"id": "39392",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2010-0574",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160",
"trust": 1.0
},
{
"db": "BID",
"id": "1699",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7C8FB0-463F-11E9-A735-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46C824C0-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93209",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"id": "VAR-200009-0023",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
}
]
},
"last_update_date": "2026-03-09T21:39:16.624000Z",
"patch": {
"_id": null,
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "HT4105",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4105"
},
{
"title": "HT4105",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4105?viewlocale=ja_JP"
},
{
"title": "Opera Software\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU707943/844993/index.html"
},
{
"title": "Adobe\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU707943/244523/index.html"
},
{
"title": "LhaForge",
"trust": 0.8,
"url": "http://claybird.sakura.ne.jp/garage/lhaforge/index.html"
},
{
"title": "2010.2F9.2F7_ver_6.3.1",
"trust": 0.8,
"url": "http://lunapedia.lunascape.jp/index.php?title=Lunascape6#2010.2F9.2F7_ver_6.3.1"
},
{
"title": "Another technique for Fixing DLL Preloading attacks",
"trust": 0.8,
"url": "http://blogs.msdn.com/b/david_leblanc/archive/2010/08/23/another-technique-for-fixing-dll-preloading-attacks.aspx"
},
{
"title": "More information about the DLL Preloading remote attack vector",
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"title": "Secure loading of libraries to prevent DLL preloading attacks - Guidance for Software Developers\u3000(Word \u6587\u66f8)",
"trust": 0.8,
"url": "http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-35-14-21/Secure-loading-of-libraries-to-prevent-DLL-Preloading.docx"
},
{
"title": "Dynamic-Link Library Security",
"trust": 0.8,
"url": "http://msdn.microsoft.com/ja-jp/library/ff919712%28v=VS.85%29.aspx"
},
{
"title": "2269637",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx"
},
{
"title": "Load Library Safely",
"trust": 0.8,
"url": "https://blogs.technet.microsoft.com/srd/2014/05/13/load-library-safely/"
},
{
"title": "DLL \u691c\u7d22\u30d1\u30b9\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092\u5236\u5fa1\u3059\u308b\u65b0\u3057\u3044 CWDIllegalInDllSearch \u30ec\u30b8\u30b9\u30c8\u30ea\u30a8\u30f3\u30c8\u30ea\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://support.microsoft.com/kb/2264107"
},
{
"title": "NV11-003",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv11-003.html"
},
{
"title": "Microsoft Windows \u306b\u304a\u3051\u308b DLL \u8aad\u307f\u8fbc\u307f\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.ponsoftware.com/archiver/bug.htm#load_lib"
},
{
"title": "\u691c\u7d22\u30d1\u30b9\u306e\u554f\u984c\u306b\u8d77\u56e0\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www5f.biglobe.ne.jp/~t-susumu"
},
{
"title": "MHSVI#20100824",
"trust": 0.8,
"url": "http://homepage3.nifty.com/micco/vul/2010/mhsvi20100824.htm"
},
{
"title": "sleipnirsleipnir_295",
"trust": 0.8,
"url": "http://www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html"
},
{
"title": "2269637",
"trust": 0.8,
"url": "https://www.microsoft.com/japan/technet/security/advisory/2269637.mspx"
},
{
"title": "\u65b0\u305f\u306a\u30ea\u30e2\u30fc\u30c8\u306e\u653b\u6483\u624b\u6cd5\u306b\u95a2\u3059\u308b\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea 2269637 \u3092\u516c\u958b",
"trust": 0.8,
"url": "http://blogs.technet.com/b/jpsecurity/archive/2010/08/24/3351474.aspx"
},
{
"title": "\u30e9\u30a4\u30d6\u30e9\u30ea\u3092\u5b89\u5168\u306b\u30ed\u30fc\u30c9\u3057\u3066 DLL \u306e\u30d7\u30ea\u30ed\u30fc\u30c9\u653b\u6483\u3092\u9632\u3050 - \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u958b\u767a\u8005\u5411\u3051\u30ac\u30a4\u30c0\u30f3\u30b9 (Word \u6587\u66f8)",
"trust": 0.8,
"url": "http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-35-14-74/Secure-loading-of-libraries-to-prevent-DLL-Preloading_5F00_J.docx"
},
{
"title": "TA10-238A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-238a.html"
},
{
"title": "VMSA - 2010 - 0007: VMware Managed Products, vCenter Server and ESX Multiple Security Patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/155"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39198"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023832"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023833"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-238a.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.1,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-1-pub.txt"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7020"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/39392"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.8,
"url": "http://www.cert.org/blogs/vuls/2008/09/carpet_bombing_and_directory_p.html"
},
{
"trust": 0.8,
"url": "http://blog.mandiant.com/archives/1207"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/en-us/library/aa297182"
},
{
"trust": 0.8,
"url": "http://blog.zoller.lu/2010/08/cve-2010-xn-loadlibrarygetprocaddress.html"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/en-us/library/ms684175%28vs.85%29.aspx"
},
{
"trust": 0.8,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-2-pub.txt"
},
{
"trust": 0.8,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-08-18-1-pub.txt"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1699/discuss"
},
{
"trust": 0.8,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.8,
"url": "http://blog.rapid7.com/?p=5325"
},
{
"trust": 0.8,
"url": "http://www.cs.ucdavis.edu/research/tech-reports/2010/cse-2010-2.pdf"
},
{
"trust": 0.8,
"url": "https://www.microsoft.com/technet/security/advisory/2269637.mspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.msdn.com/b/david_leblanc/archive/2010/08/23/another-technique-for-fixing-dll-preloading-attacks.aspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/2264107"
},
{
"trust": 0.8,
"url": "http://www.guninski.com/officedll.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-238a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-23"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1141"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/about/press/20101111.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-238a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu707943"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-23/"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/707943"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/707943\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-238a.html\u003e"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2264107\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
"ident": null
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#707943",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2010-0574",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2010-1141",
"ident": null
},
{
"db": "BID",
"id": "39392",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88215",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "93209",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117012",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2010-1141",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
"ident": null
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2010-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#707943",
"ident": null
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0574",
"ident": null
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1141",
"ident": null
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39392",
"ident": null
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215",
"ident": null
},
{
"date": "2010-08-27T02:58:57",
"db": "PACKETSTORM",
"id": "93209",
"ident": null
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012",
"ident": null
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-160",
"ident": null
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001364",
"ident": null
},
{
"date": "2010-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001999",
"ident": null
},
{
"date": "2010-04-12T18:30:00.663000",
"db": "NVD",
"id": "CVE-2010-1141",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-10-13T00:00:00",
"db": "CERT/CC",
"id": "VU#707943",
"ident": null
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0574",
"ident": null
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1141",
"ident": null
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39392",
"ident": null
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-160",
"ident": null
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001364",
"ident": null
},
{
"date": "2016-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001999",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-1141",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "VMWare Tools Package Library Reference Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
}
],
"trust": 1.0
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
}
],
"trust": 0.6
}
}
VAR-201003-0281
Vulnerability from variot - Updated: 2026-03-09 21:35The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL versions 0.9.8f through 0.9.8m are vulnerable.
Affected versions depend on the C compiler used with OpenSSL:
- If 'short' is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m.
- Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m.
Users of OpenSSL should update to the OpenSSL 0.9.8n release, which contains a patch to correct this issue. If upgrading is not immediately possible, the source code patch provided in this advisory should be applied.
Bodo Moeller and Adam Langley (Google) have identified the vulnerability and prepared the fix.
Patch
--- ssl/s3_pkt.c 24 Jan 2010 13:52:38 -0000 1.57.2.9 +++ ssl/s3_pkt.c 24 Mar 2010 00:00:00 -0000 @@ -291,9 +291,9 @@ if (version != s->version) { SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - / Send back error using their - * version number :-) / - s->version=version; + if ((s->version & 0xFF00) == (version & 0xFF00)) + / Send back error using their minor version number :-) / + s->version = (unsigned short)version; al=SSL_AD_PROTOCOL_VERSION; goto f_err; }
References
This vulnerability is tracked as CVE-2010-0740.
URL for this Security Advisory: https://www.openssl.org/news/secadv_20100324.txt . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-01
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 09, 2011 Bugs: #303739, #308011, #322575, #332027, #345767, #347623, #354139, #382069 ID: 201110-01
Synopsis
Multiple vulnerabilities were found in OpenSSL, allowing for the execution of arbitrary code and other attacks.
Background
OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.0e >= 1.0.0e
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.
Impact
A context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0e"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues.
References
[ 1 ] CVE-2009-3245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245 [ 2 ] CVE-2009-4355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355 [ 3 ] CVE-2010-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433 [ 4 ] CVE-2010-0740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740 [ 5 ] CVE-2010-0742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742 [ 6 ] CVE-2010-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633 [ 7 ] CVE-2010-2939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939 [ 8 ] CVE-2010-3864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864 [ 9 ] CVE-2010-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180 [ 10 ] CVE-2010-4252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252 [ 11 ] CVE-2011-0014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014 [ 12 ] CVE-2011-3207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207 [ 13 ] CVE-2011-3210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02079216 Version: 1
HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-04-13 Last Updated: 2010-04-13
Potential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS).
References: CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-0740. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-3245 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2009-4355 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided upgrades to resolve these vulnerabilities. The upgrades are available from the following location.
Host / Account / Password
ftp.usa.hp.com / sb02517 / Secure12
HP-UX Release / Depot Name / SHA-1 digest
B.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot / 2FE85DEE859C93F9D02A69666A455E9A7442DC5D
B.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot / 69F9AEE88F89C53FFE6794822F6A843F312384CD
B.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot / 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08n or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.001 or subsequent
HP-UX B.11.23
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.002 or subsequent
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.003 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 13 April 2010 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkvE61EACgkQ4B86/C0qfVkXUQCg5DunZ1ZsghQGw/5ot7rFpqk1 U+IAnjlb/EweXqml7TOdX8En10UGC1Km =XScD -----END PGP SIGNATURE----- . Apache-based Web Server is contained in the Apache Web Server Suite. The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15
Web Server Suite Version / HP-UX Release / Depot name
Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot
Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot
Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot
Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot
Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot
Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot
Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check.
Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.
Update:
Packages for 2009.0 are provided due to the Extended Maintenance Program.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433
Updated Packages:
Mandriva Linux 2009.0: 1f42cf30ee84314be4125a070709d239 2009.0/i586/libopenssl0.9.8-0.9.8h-3.7mdv2009.0.i586.rpm 372bffd962ced1965c33b752def70b8b 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdv2009.0.i586.rpm ace965066796e71bf4ecf4af6bc831c5 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.i586.rpm a6e08ca29b012c695e0763f6fd15fac1 2009.0/i586/openssl-0.9.8h-3.7mdv2009.0.i586.rpm 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: f6748700d01abc7e33053e339575cede 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdv2009.0.x86_64.rpm b53a75b4c732a3371a3bcd0e8ed47481 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm 187bff89c19e2d65ccc5c640a32d0cc7 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm 1d6f6fca3b51e498359cbbbde07a4a0e 2009.0/x86_64/openssl-0.9.8h-3.7mdv2009.0.x86_64.rpm 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLzKP9mqjQ0CJFipgRAsUVAJkBjISC/NXul8GxUaeiBPsnb6gRNQCgt+ty X3hfPZSWARaTxUmX7P/4FDM= =FrW5 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"_id": null,
"model": "vcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "virtualcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "vcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8f to 0.9.8m"
},
{
"_id": null,
"model": "ace",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "esx",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "esxi",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "fusion",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "player",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "workstation",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "opensolaris build snv 134",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"_id": null,
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.2.3.1"
},
{
"_id": null,
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.52"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 131",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 126",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "opensolaris build snv 125",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "vcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.01"
},
{
"_id": null,
"model": "circle",
"scope": "ne",
"trust": 0.3,
"vendor": "voodoo",
"version": "1.1.40"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 133",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 129",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.7"
},
{
"_id": null,
"model": "coat systems blue coat reporter",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "9.2.4.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.55"
},
{
"_id": null,
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "opensolaris build snv 130",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"_id": null,
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "bigip global traffic manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.6"
},
{
"_id": null,
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.51"
},
{
"_id": null,
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "opensolaris build snv 124",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bigip edge",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "opensolaris build snv 123",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "setup and configuration service",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "5.0"
},
{
"_id": null,
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.1.5.1"
},
{
"_id": null,
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 128",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1.5"
},
{
"_id": null,
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "setup and configuration service",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"_id": null,
"model": "circle xtelnet",
"scope": "eq",
"trust": 0.3,
"vendor": "voodoo",
"version": "0.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "virtualcenter 2.5.update build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "31"
},
{
"_id": null,
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bigip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.0"
},
{
"_id": null,
"model": "opensolaris build snv 132",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "active management technology sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"_id": null,
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "vcenter update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "4.11"
},
{
"_id": null,
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.3.1"
},
{
"_id": null,
"model": "circle",
"scope": "eq",
"trust": 0.3,
"vendor": "voodoo",
"version": "1.1.39"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.5"
},
{
"_id": null,
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"_id": null,
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.56"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "circle xtelnet",
"scope": "ne",
"trust": 0.3,
"vendor": "voodoo",
"version": "0.4.6"
},
{
"_id": null,
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "5.0"
},
{
"_id": null,
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.7.1"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "opensolaris build snv 122",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 136",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip wan optimization module",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.54"
},
{
"_id": null,
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 137",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 127",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"_id": null,
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 135",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
}
],
"sources": [
{
"db": "BID",
"id": "39013"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:aix",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:ace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esxi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:vcenter",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:virtualcenter",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
}
]
},
"credits": {
"_id": null,
"data": "Bodo Moeller and Adam Langley",
"sources": [
{
"db": "BID",
"id": "39013"
}
],
"trust": 0.3
},
"cve": "CVE-2010-0740",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2010-0740",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0740",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-0740",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201003-393",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-0740",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"description": {
"_id": null,
"data": "The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \nOpenSSL versions 0.9.8f through 0.9.8m are vulnerable. \n\nAffected versions depend on the C compiler used with OpenSSL:\n\n- If \u0027short\u0027 is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m. \n- Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m. \n\nUsers of OpenSSL should update to the OpenSSL 0.9.8n release, which contains a\npatch to correct this issue. If upgrading is not immediately possible, the\nsource code patch provided in this advisory should be applied. \n\nBodo Moeller and Adam Langley (Google) have identified the vulnerability\nand prepared the fix. \n\n\nPatch\n-----\n\n--- ssl/s3_pkt.c\t24 Jan 2010 13:52:38 -0000\t1.57.2.9\n+++ ssl/s3_pkt.c\t24 Mar 2010 00:00:00 -0000\n@@ -291,9 +291,9 @@\n \t\t\tif (version != s-\u003eversion)\n \t\t\t\t{\n \t\t\t\tSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);\n-\t\t\t\t/* Send back error using their\n-\t\t\t\t * version number :-) */\n-\t\t\t\ts-\u003eversion=version;\n+ if ((s-\u003eversion \u0026 0xFF00) == (version \u0026 0xFF00))\n+ \t/* Send back error using their minor version number :-) */\n+\t\t\t\t\ts-\u003eversion = (unsigned short)version;\n \t\t\t\tal=SSL_AD_PROTOCOL_VERSION;\n \t\t\t\tgoto f_err;\n \t\t\t\t}\n\n\nReferences\n----------\n\nThis vulnerability is tracked as CVE-2010-0740. \n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20100324.txt\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201110-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 09, 2011\n Bugs: #303739, #308011, #322575, #332027, #345767, #347623,\n #354139, #382069\n ID: 201110-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in OpenSSL, allowing for the\nexecution of arbitrary code and other attacks. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.0e \u003e= 1.0.0e\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA context-dependent attacker could cause a Denial of Service, possibly\nexecute arbitrary code, bypass intended key requirements, force the\ndowngrade to unintended ciphers, bypass the need for knowledge of\nshared secrets and successfully authenticate, bypass CRL validation, or\nobtain sensitive information in applications that use OpenSSL. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.0e\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since September 17, 2011. It is likely that your system is\nalready no longer affected by most of these issues. \n\nReferences\n==========\n\n[ 1 ] CVE-2009-3245\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245\n[ 2 ] CVE-2009-4355\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355\n[ 3 ] CVE-2010-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433\n[ 4 ] CVE-2010-0740\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740\n[ 5 ] CVE-2010-0742\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742\n[ 6 ] CVE-2010-1633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633\n[ 7 ] CVE-2010-2939\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939\n[ 8 ] CVE-2010-3864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864\n[ 9 ] CVE-2010-4180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180\n[ 10 ] CVE-2010-4252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252\n[ 11 ] CVE-2011-0014\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014\n[ 12 ] CVE-2011-3207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207\n[ 13 ] CVE-2011-3210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02079216\nVersion: 1\n\nHPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-04-13\nLast Updated: 2010-04-13\n\nPotential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS). \n\nReferences: CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-0740. \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-3245 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\nCVE-2009-4355 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location. \n\nHost / Account / Password\n\nftp.usa.hp.com / sb02517 / Secure12\n\nHP-UX Release / Depot Name / SHA-1 digest\n\nB.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot /\n 2FE85DEE859C93F9D02A69666A455E9A7442DC5D\n\nB.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot /\n 69F9AEE88F89C53FFE6794822F6A843F312384CD\n\nB.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot /\n 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08n or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.001 or subsequent\n\nHP-UX B.11.23\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.002 or subsequent\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.003 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 13 April 2010 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkvE61EACgkQ4B86/C0qfVkXUQCg5DunZ1ZsghQGw/5ot7rFpqk1\nU+IAnjlb/EweXqml7TOdX8En10UGC1Km\n=XScD\n-----END PGP SIGNATURE-----\n. Apache-based Web Server is contained in the Apache Web Server Suite. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09\nNote: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15\n\nWeb Server Suite Version / HP-UX Release / Depot name\n\nWeb Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot\n\nWeb Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot\n\nWeb Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot\n\nWeb Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot\n\nWeb Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot\n\nWeb Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot\n\nWeb Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. \n \n Packages for 2008.0 and 2009.0 are provided due to the Extended\n Maintenance Program for those products. \n\n Update:\n\n Packages for 2009.0 are provided due to the Extended Maintenance\n Program. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.0:\n 1f42cf30ee84314be4125a070709d239 2009.0/i586/libopenssl0.9.8-0.9.8h-3.7mdv2009.0.i586.rpm\n 372bffd962ced1965c33b752def70b8b 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdv2009.0.i586.rpm\n ace965066796e71bf4ecf4af6bc831c5 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.i586.rpm\n a6e08ca29b012c695e0763f6fd15fac1 2009.0/i586/openssl-0.9.8h-3.7mdv2009.0.i586.rpm \n 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n f6748700d01abc7e33053e339575cede 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdv2009.0.x86_64.rpm\n b53a75b4c732a3371a3bcd0e8ed47481 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm\n 187bff89c19e2d65ccc5c640a32d0cc7 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm\n 1d6f6fca3b51e498359cbbbde07a4a0e 2009.0/x86_64/openssl-0.9.8h-3.7mdv2009.0.x86_64.rpm \n 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLzKP9mqjQ0CJFipgRAsUVAJkBjISC/NXul8GxUaeiBPsnb6gRNQCgt+ty\nX3hfPZSWARaTxUmX7P/4FDM=\n=FrW5\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0740"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "88698"
}
],
"trust": 2.52
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=12334",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2010-0740",
"trust": 3.4
},
{
"db": "VUPEN",
"id": "ADV-2010-0710",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023748",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-1216",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0933",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0839",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "42733",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "39932",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "42724",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "43311",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393",
"trust": 0.6
},
{
"db": "BID",
"id": "39013",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "12334",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-0740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105638",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88621",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88387",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88698",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "88698"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"id": "VAR-201003-0281",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.44448256
},
"last_update_date": "2026-03-09T21:35:57.491000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT4723",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4723"
},
{
"title": "HPSBUX02517",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02079216"
},
{
"title": "HPSBUX02531",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02160663"
},
{
"title": "5092",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=5092"
},
{
"title": "5101",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=5101"
},
{
"title": "secadv_20100324",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20100324.txt"
},
{
"title": "VMSA-2011-0003",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"title": "openssl-0.9.8n",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=155"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2010-0740: openssl denial-of-service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=f6760a316bfc017e8e4b03c469542809"
},
{
"title": "Symantec Security Advisories: SA50 : Multiple SSL/TLS vulnerabilities in Reporter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e934b8269c86666c1ebc108ca0e3d35"
},
{
"title": "VMware Security Advisories: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=ea953b0a91a1816979ec1d304d5e3d93"
},
{
"title": "deepdig",
"trust": 0.1,
"url": "https://github.com/cyberdeception/deepdig "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0710"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023748"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
},
{
"trust": 2.0,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa50"
},
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv_20100324.txt"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0839"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-april/038587.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:076"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/1216"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/39932"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42733"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42724"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0003.html"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"trust": 1.7,
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000101.html"
},
{
"trust": 1.7,
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000102.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43311"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4723"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11731"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0740"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu976710"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0740"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3245"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/cve_2010_0433_openssl_with"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata45.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata46.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata47.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00024\u0026languageid=en-fr"
},
{
"trust": 0.3,
"url": "/archive/1/510726"
},
{
"trust": 0.3,
"url": "http://voodoo-circle.sourceforge.net/sa/sa-20100624-02.html"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/11000/500/sol11504.html"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/11000/500/sol11533.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/news/secadv_20100324.txt"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4355"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3245"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0433"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20139"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/12334/"
},
{
"trust": 0.1,
"url": "https://github.com/cyberdeception/deepdig"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0742"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4355"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2939"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0740"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3245"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0014"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0408"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "88698"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2010-0740",
"ident": null
},
{
"db": "BID",
"id": "39013",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169649",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "105638",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88621",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88387",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "90263",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88698",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2010-0740",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2010-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0740",
"ident": null
},
{
"date": "2010-03-24T00:00:00",
"db": "BID",
"id": "39013",
"ident": null
},
{
"date": "2010-03-24T12:12:12",
"db": "PACKETSTORM",
"id": "169649",
"ident": null
},
{
"date": "2011-10-09T16:42:00",
"db": "PACKETSTORM",
"id": "105638",
"ident": null
},
{
"date": "2010-04-19T20:27:54",
"db": "PACKETSTORM",
"id": "88621",
"ident": null
},
{
"date": "2010-04-15T22:26:05",
"db": "PACKETSTORM",
"id": "88387",
"ident": null
},
{
"date": "2010-06-04T04:25:14",
"db": "PACKETSTORM",
"id": "90263",
"ident": null
},
{
"date": "2010-04-20T15:07:58",
"db": "PACKETSTORM",
"id": "88698",
"ident": null
},
{
"date": "2010-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-393",
"ident": null
},
{
"date": "2010-04-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001227",
"ident": null
},
{
"date": "2010-03-26T18:30:00.467000",
"db": "NVD",
"id": "CVE-2010-0740",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0740",
"ident": null
},
{
"date": "2015-04-13T22:05:00",
"db": "BID",
"id": "39013",
"ident": null
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-393",
"ident": null
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001227",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-0740",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88698"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "OpenSSL of ssl3_get_record Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
}
],
"trust": 0.6
}
}
VAR-200110-0170
Vulnerability from variot - Updated: 2026-03-09 21:13The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21996
VERIFY ADVISORY: http://secunia.com/advisories/21996/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Tavis Ormandy has reported some vulnerabilities in gzip, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can be used to modify certain stack data. tricking a user or automated system into unpacking a specially crafted archive file. tricking a user or automated system into unpacking a specially crafted "pack" archive file.
3) A buffer overflow within the "make_table()" function of gzip's LZH support can be exploited to cause a DoS and potentially to compromise a vulnerable system by e.g. tricking a user or automated system into unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and an infinite loop within the LZH handling can be exploited to cause a DoS by e.g. tricking a user or automated system into unpacking a specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5.
SOLUTION: Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES: US-CERT VU#554780: http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508: http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548: http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712: http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848 http://www.kb.cert.org/vuls/id/596848
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA06-333A
Apple Releases Security Update to Address Multiple Vulnerabilities
Original release date: November 29, 2006 Last revised: -- Source: US-CERT
Systems Affected
* Apple Mac OS X version 10.3.x and 10.4.x
* Apple Mac OS X Server version 10.3.x and 10.4.x
* Apple Safari web browser
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple has released Security Update 2006-007 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser. Vulnerabilities in OpenSSL, gzip, and other products are also addressed.
I. Description
Apple Security Update 2006-007 addresses a number of vulnerabilities affecting Mac OS X, OS X Server, Safari web browser, and other products. Further details are available in the related vulnerability notes.
This security update also addresses previously known vulnerabilities in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL vulnerabilities page. Information about the vulnerabilities in gzip is available in a series of vulnerability notes.
II. Impact
The impacts of these vulnerabilities vary. For specific details, see the appropriate vulnerability notes. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. Solution
Install updates
Install Apple Security Update 2006-007.
IV. References
* Vulnerability Notes for Apple Security Update 2006-007 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>
* Vulnerability Notes for OpenSSL Security Advisory [28th September
2006] -
http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928
* Vulnerability Note VU#845620 -
<http://www.kb.cert.org/vuls/id/845620>
* Vulnerability Note VU#933712 -
<http://www.kb.cert.org/vuls/id/933712>
* Vulnerability Note VU#381508 -
<http://www.kb.cert.org/vuls/id/381508>
* Vulnerability Note VU#554780 -
<http://www.kb.cert.org/vuls/id/554780>
* Vulnerability Note VU#596848 -
<http://www.kb.cert.org/vuls/id/596848>
* Vulnerability Note VU#773548 -
<http://www.kb.cert.org/vuls/id/773548>
* About the security content of Security Update 2006-007 -
<http://docs.info.apple.com/article.html?artnum=304829>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Apple Downloads - <http://www.apple.com/support/downloads/>
* OpenSSL: OpenSSL vulnerabilities -
<http://www.openssl.org/news/vulnerabilities.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-333A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA06-333A Feedback VU#191336" in the subject.
Produced 2006 by US-CERT, a government organization.
Terms of use:
http://www.us-cert.gov/legal.html
Revision History
November 29, 2006: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6 lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7 xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf 8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg== =f7N+ -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "bc-java",
"scope": "lte",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.37"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.18"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.22"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.24"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.13"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.09"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.15"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.16"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.12"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.01"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.19"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.29"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.20"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.21"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.30"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.04"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.06"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.03"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.02"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.17"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.07"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.05"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.14"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.18"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.11"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.08"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.07"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.22"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.3.1"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.24"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.13"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.15"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.16"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.05"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.0"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.01"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.09"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.31"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.29"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.12"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.20"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.30"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.19"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.04"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.21"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.06"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.02"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.17"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.36"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.03"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.14"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "lte",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.10"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.11"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.08"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wireshark",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": "crypto package",
"scope": "lt",
"trust": 0.8,
"vendor": "bouncy castle",
"version": "1.36"
},
{
"_id": null,
"model": "java cryptography api",
"scope": "lt",
"trust": 0.8,
"vendor": "bouncy castle",
"version": "1.38"
},
{
"_id": null,
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.36"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"_id": null,
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"_id": null,
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"_id": null,
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"_id": null,
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"_id": null,
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"_id": null,
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"_id": null,
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"_id": null,
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"_id": null,
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"_id": null,
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"_id": null,
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"_id": null,
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"_id": null,
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"_id": null,
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"_id": null,
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"_id": null,
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"_id": null,
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"_id": null,
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"_id": null,
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"_id": null,
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"_id": null,
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"_id": null,
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"_id": null,
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"_id": null,
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"_id": null,
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"_id": null,
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"_id": null,
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"_id": null,
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"_id": null,
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"_id": null,
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"_id": null,
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"_id": null,
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"_id": null,
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"_id": null,
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"_id": null,
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"_id": null,
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"_id": null,
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"_id": null,
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"_id": null,
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"_id": null,
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"_id": null,
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"_id": null,
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"_id": null,
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"_id": null,
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"_id": null,
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"_id": null,
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"_id": null,
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"_id": null,
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"_id": null,
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"_id": null,
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"_id": null,
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"_id": null,
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"_id": null,
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"_id": null,
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"_id": null,
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"_id": null,
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"_id": null,
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"_id": null,
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:bouncycastle:bouncy-castle-crypto-package",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
}
]
},
"credits": {
"_id": null,
"data": "Dr. S. N. Henson NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
},
"cve": "CVE-2007-6721",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-6721",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6721",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773548",
"trust": 0.8,
"value": "1.57"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2007-6721",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200903-494",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"description": {
"_id": null,
"data": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21996\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21996/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nTavis Ormandy has reported some vulnerabilities in gzip, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially compromise a vulnerable system. \n\n1) A boundary error within the \"make_table()\" function in unlzh.c can\nbe used to modify certain stack data. tricking\na user or automated system into unpacking a specially crafted archive\nfile. tricking a user or\nautomated system into unpacking a specially crafted \"pack\" archive\nfile. \n\n3) A buffer overflow within the \"make_table()\" function of gzip\u0027s LZH\nsupport can be exploited to cause a DoS and potentially to compromise\na vulnerable system by e.g. tricking a user or automated system into\nunpacking an archive containing a specially crafted decoding table. \n\n4) A NULL pointer dereference within the \"huft_build()\" function and\nan infinite loop within the LZH handling can be exploited to cause a\nDoS by e.g. tricking a user or automated system into unpacking a\nspecially crafted archive file. \n\nThe vulnerabilities have been reported in version 1.3.5. \n\nSOLUTION:\nDo not unpack untrusted archive files. \n\nPROVIDED AND/OR DISCOVERED BY:\nTavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676\n\nOTHER REFERENCES:\nUS-CERT VU#554780:\nhttp://www.kb.cert.org/vuls/id/554780\n\nUS-CERT VU#381508:\nhttp://www.kb.cert.org/vuls/id/381508\n\nUS-CERT VU#773548:\nhttp://www.kb.cert.org/vuls/id/773548\n\nUS-CERT VU#933712:\nhttp://www.kb.cert.org/vuls/id/933712\n\nUS-CERT VU#596848\nhttp://www.kb.cert.org/vuls/id/596848\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-333A\n\n\nApple Releases Security Update to Address Multiple Vulnerabilities\n\n Original release date: November 29, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Apple Mac OS X version 10.3.x and 10.4.x\n * Apple Mac OS X Server version 10.3.x and 10.4.x\n * Apple Safari web browser\n\n These vulnerabilities affect both Intel-based and PowerPC-based Apple\n systems. \n\n\nOverview\n\n Apple has released Security Update 2006-007 to correct multiple\n vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web\n browser. Vulnerabilities in OpenSSL, gzip, and other products are also\n addressed. \n\n\nI. Description\n\n Apple Security Update 2006-007 addresses a number of vulnerabilities\n affecting Mac OS X, OS X Server, Safari web browser, and other\n products. Further details are available in the related vulnerability\n notes. \n\n This security update also addresses previously known vulnerabilities\n in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL\n vulnerabilities page. Information about the vulnerabilities in gzip is\n available in a series of vulnerability notes. \n\n\nII. Impact\n\n The impacts of these vulnerabilities vary. For specific details, see\n the appropriate vulnerability notes. Potential consequences include\n remote execution of arbitrary code or commands, bypass of security\n restrictions, and denial of service. \n\n\nIII. Solution\n\nInstall updates\n\n Install Apple Security Update 2006-007. \n\n\nIV. References\n\n * Vulnerability Notes for Apple Security Update 2006-007 -\n \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e\n\n * Vulnerability Notes for OpenSSL Security Advisory [28th September\n 2006] -\n\u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e\n\n * Vulnerability Note VU#845620 -\n \u003chttp://www.kb.cert.org/vuls/id/845620\u003e\n\n * Vulnerability Note VU#933712 -\n \u003chttp://www.kb.cert.org/vuls/id/933712\u003e\n\n * Vulnerability Note VU#381508 -\n \u003chttp://www.kb.cert.org/vuls/id/381508\u003e\n\n * Vulnerability Note VU#554780 -\n \u003chttp://www.kb.cert.org/vuls/id/554780\u003e\n\n * Vulnerability Note VU#596848 -\n \u003chttp://www.kb.cert.org/vuls/id/596848\u003e\n\n * Vulnerability Note VU#773548 -\n \u003chttp://www.kb.cert.org/vuls/id/773548\u003e\n\n * About the security content of Security Update 2006-007 -\n \u003chttp://docs.info.apple.com/article.html?artnum=304829\u003e\n\n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n\n * Apple Downloads - \u003chttp://www.apple.com/support/downloads/\u003e\n\n * OpenSSL: OpenSSL vulnerabilities -\n \u003chttp://www.openssl.org/news/vulnerabilities.html\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-333A.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-333A Feedback VU#191336\" in the\n subject. \n _________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n\n _________________________________________________________________\n\n Revision History\n\n November 29, 2006: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6\nlJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz\niN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7\nxr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf\n8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q\nA580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==\n=f7N+\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6721"
},
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "52708"
}
],
"trust": 6.39
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-6721",
"trust": 2.7
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50358",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50360",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50359",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#773548",
"trust": 1.0
},
{
"db": "BID",
"id": "20762",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22692",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22672",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22797",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22841",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22929",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22590",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22659",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#723736",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2007.0014",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"trust": 0.8
},
{
"db": "MLIST",
"id": "[DEV-CRYPTO] 20071109 BOUNCY CASTLE CRYPTO PROVIDER PACKAGE VERSION 1.36 NOW AVAILABLE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494",
"trust": 0.6
},
{
"db": "BID",
"id": "19849",
"trust": 0.3
},
{
"db": "CERT/CC",
"id": "VU#554780",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#933712",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#596848",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#381508",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "21996",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "50178",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52708",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"id": "VAR-200110-0170",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2026-03-09T21:13:45.333000Z",
"patch": {
"_id": null,
"data": [
{
"title": "msg08195",
"trust": 0.8,
"url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/csharp/"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50360"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50359"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50358"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/releasenotes.html"
},
{
"trust": 1.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.wireshark.org/security/wnpa-sec-2006-03.html "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20762 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22590 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22659/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22672/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22692/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22797/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22841/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22929/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.gzip.org/"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/7179"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6721"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6721"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4220/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21996/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/845620\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/vulnerabilities.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#safari\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#723736",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#773548",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#594904",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"db": "BID",
"id": "19849",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "52708",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-6721",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#723736",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2006-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#773548",
"ident": null
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849",
"ident": null
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50178",
"ident": null
},
{
"date": "2006-12-06T02:47:36",
"db": "PACKETSTORM",
"id": "52708",
"ident": null
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-494",
"ident": null
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"ident": null
},
{
"date": "2009-03-30T01:30:00.217000",
"db": "NVD",
"id": "CVE-2007-6721",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2006-12-20T00:00:00",
"db": "CERT/CC",
"id": "VU#723736",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#773548",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849",
"ident": null
},
{
"date": "2009-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-494",
"ident": null
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"ident": null
},
{
"date": "2025-05-12T17:37:16.527000",
"db": "NVD",
"id": "CVE-2007-6721",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Wireshark contains an unspecified vulnerability in the XOT dissector",
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
}
}
VAR-200706-0660
Vulnerability from variot - Updated: 2026-03-09 20:29cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. The Apache mod_cache module is prone to a denial-of-service vulnerability. A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. The update is available on https://www.hp.com/go/softwaredepot/ Note: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.6"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.5"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.7"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.4"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.0"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.4"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.5"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.5"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.37"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.4"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.7"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.6"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.9"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.8"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"_id": null,
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"_id": null,
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "fedora core7",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"_id": null,
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.021"
},
{
"_id": null,
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.017"
},
{
"_id": null,
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.7"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"_id": null,
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2.5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0"
},
{
"_id": null,
"model": "2.2.5-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24649"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
}
]
},
"credits": {
"_id": null,
"data": "Niklas Edmundsson",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
}
],
"trust": 0.6
},
"cve": "CVE-2007-1863",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-1863",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-25225",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1863",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-1863",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-496",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-25225",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"description": {
"_id": null,
"data": "cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. The Apache mod_cache module is prone to a denial-of-service vulnerability. \nA remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \nThe update is available on https://www.hp.com/go/softwaredepot/ \nNote: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1863"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-1863",
"trust": 3.4
},
{
"db": "BID",
"id": "24649",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25873",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37079",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018303",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-150A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-87746",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-25225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"id": "VAR-200706-0660",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
}
],
"trust": 0.26519225
},
"last_update_date": "2026-03-09T20:29:20.415000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01178795"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02262.html"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "PK49355",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "httpd (V3.0,V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1073"
},
{
"title": "apache (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1078"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0534.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0556.html"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-41.txt"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0533J.html"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0534J.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0556J.html"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-41j.txt"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/24649"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk49355"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0533.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0534.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 2.0,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018303"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25873"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37079"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:141"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1500"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9824"
},
{
"trust": 1.6,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=535617"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-150a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-150a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1863"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-150a.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs."
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.3,
"url": "/archive/1/481830"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-327.htm"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://svn.apache.org/viewvc?view=rev\u0026amp;revision=535617"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-25225",
"ident": null
},
{
"db": "BID",
"id": "24649",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57506",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57505",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "59939",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58667",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-1863",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2007-06-27T00:00:00",
"db": "VULHUB",
"id": "VHN-25225",
"ident": null
},
{
"date": "2007-06-26T00:00:00",
"db": "BID",
"id": "24649",
"ident": null
},
{
"date": "2007-07-07T04:30:58",
"db": "PACKETSTORM",
"id": "57506",
"ident": null
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505",
"ident": null
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939",
"ident": null
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667",
"ident": null
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-496",
"ident": null
},
{
"date": "2007-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000506",
"ident": null
},
{
"date": "2007-06-27T17:30:00",
"db": "NVD",
"id": "CVE-2007-1863",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-25225",
"ident": null
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24649",
"ident": null
},
{
"date": "2023-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-496",
"ident": null
},
{
"date": "2009-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000506",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-1863",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Apache HTTP Server of mod_cache In module null The problem of caching values that are",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
}
],
"trust": 0.6
}
}
VAR-201006-1188
Vulnerability from variot - Updated: 2026-03-09 20:23Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Libpng contains a vulnerability in the way it handles images containing an extra row of image data beyond the height reported in the image header. libpng is a PNG reference library that can create, read and write PNG graphics files. There is a buffer overflow vulnerability in the libpng library when processing graphics row data. If the graphics file provides an extra graphics row that is higher than the height reported in the header, this overflow can be triggered, resulting in arbitrary code execution; in addition, when processing a certain There may be a memory leak when some sCAL blocks are used, and specially crafted PNG graphics may cause a denial of service. ----------------------------------------------------------------------
"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420."
Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:
http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf
TITLE: Mozilla Thunderbird Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA40642
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40642
RELEASE DATE: 2010-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/40642/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40642/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40642
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Some weaknesses and vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
For more information: SA39925
SOLUTION: Update to Thunderbird 3.0.6 and 3.1.1.
ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2010/mfsa2010-34.html http://www.mozilla.org/security/announce/2010/mfsa2010-38.html http://www.mozilla.org/security/announce/2010/mfsa2010-39.html http://www.mozilla.org/security/announce/2010/mfsa2010-40.html http://www.mozilla.org/security/announce/2010/mfsa2010-41.html http://www.mozilla.org/security/announce/2010/mfsa2010-42.html http://www.mozilla.org/security/announce/2010/mfsa2010-43.html http://www.mozilla.org/security/announce/2010/mfsa2010-44.html http://www.mozilla.org/security/announce/2010/mfsa2010-46.html http://www.mozilla.org/security/announce/2010/mfsa2010-47.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
CVE-2010-1208
"regenrecht" discovered that incorrect memory handling in DOM
parsing could lead to the execution of arbitrary code.
CVE-2010-1211
Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary
Kwong, Tobias Markus and Daniel Holbert discovered crashes in the
layout engine, which might allow the execution of arbitrary code.
CVE-2010-2751
Jordi Chancel discovered that the location could be spoofed to
appear like a secured page.
CVE-2010-2753
"regenrecht" discovered that incorrect memory handling in XUL
parsing could lead to the execution of arbitrary code.
CVE-2010-2754
Soroush Dalili discovered an information leak in script processing.
For the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-3.
For the unstable distribution (sid), these problems have been fixed in version 1.9.1.11-1.
For the experimental distribution, these problems have been fixed in version 1.9.2.7-1.
We recommend that you upgrade your xulrunner packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz Size/MD5 checksum: 149955 e6ec4540373a8dfbea5c1e63f5b628b2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc Size/MD5 checksum: 1755 59f9033377f2450ad114d9ee4367f9c7 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb Size/MD5 checksum: 1466246 a3b5c8b34df7e2077a5e3c5c0d911b85
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb Size/MD5 checksum: 165496 ad7c134eeadc1a2aa751c289052d32f1 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb Size/MD5 checksum: 433152 57f7a88c05eece5c0ea17517646267bb http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb Size/MD5 checksum: 72550 b581302383396b57f7e07aa4564245b3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb Size/MD5 checksum: 51155444 37595efd28303ec3a88d294b58c1e7aa http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb Size/MD5 checksum: 9487312 452f2c3b26bb249711720ade76e77c3f http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb Size/MD5 checksum: 223422 9ce6e6f35412321405c27618a3550763 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb Size/MD5 checksum: 113478 f4946488381af317acb3bd27da3e372e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb Size/MD5 checksum: 940250 abb2d020d4cce2e5547d17dd94323cee http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb Size/MD5 checksum: 3357434 a26b339fee481f1ae5494ee0983e3e75
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb Size/MD5 checksum: 50381710 4e6df9133e326ca7fe1d91adab87609b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb Size/MD5 checksum: 3291324 01a75923a6b796c2e1f3c02e4584072f http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb Size/MD5 checksum: 152266 0a9e05d5e36920cf9cb6c9e39357679b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb Size/MD5 checksum: 7735106 eedecb0183cd911bf7416be5f61cf88e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb Size/MD5 checksum: 374604 7a71d4ce527727f43225fc1cdc6b3915 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb Size/MD5 checksum: 70226 f8860e988f030333c59f893582e17da0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb Size/MD5 checksum: 890738 0db2e5b458ae1495dce575688a27ef2a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb Size/MD5 checksum: 223326 1d128ae917c5dab4e977ffb018cb704c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb Size/MD5 checksum: 101830 2bb9a62d6454d0b7ef6da98cc07b4013
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb Size/MD5 checksum: 140950 d9044d5f823661f4a1ef11c47971d6e2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb Size/MD5 checksum: 3584768 6ff8221347684a334d6f358d2c8f2dcc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb Size/MD5 checksum: 6802070 e489c87976c243d040f568a8e04a7466 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb Size/MD5 checksum: 351056 dd61fc5b425e296ef00120b4cfbc5604 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb Size/MD5 checksum: 68552 819703fc0550ee6473572ea3655ab1f5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb Size/MD5 checksum: 84224 f3915220a86a6a31e48b845d2af7f249 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb Size/MD5 checksum: 222376 cb0563f3e5220ceb6f42b8e6471eb883 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb Size/MD5 checksum: 49349776 4037a4ab7eeb964c24c95fbb905edbe6 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb Size/MD5 checksum: 815334 c055e242c82b7643c67712602e4f3215
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb Size/MD5 checksum: 822978 f8609edb961b6c71732c17575393644a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb Size/MD5 checksum: 6962470 fc143ac75279405ef99a3e045439adeb http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb Size/MD5 checksum: 3583846 db81fc2e4c8a30fbaf0b176f6d7e77a5 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb Size/MD5 checksum: 142446 016a6aa2efa9e49788c97bc925d90bbb http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb Size/MD5 checksum: 353294 65f40d8a434c6b430685ef1a54246888 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb Size/MD5 checksum: 50182030 97009b62c3d65b5e715f363d7a5a2e0c http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb Size/MD5 checksum: 223380 30fd707dea85e43894c84036115920a3 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb Size/MD5 checksum: 70694 e5892c32e9850d86138ebf15ad317b63 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb Size/MD5 checksum: 84758 a94402fed374f82a1ffeb338cb2a4cbb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb Size/MD5 checksum: 223614 ea284c98cc97b10b879d6174b81cb486 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb Size/MD5 checksum: 899460 290c89b8835d773b8fd240f5610dc63c http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb Size/MD5 checksum: 72280 1d32724f444212696e28d15dc22386af http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb Size/MD5 checksum: 413386 e78a2aabb581f3f7f8da9cb531d6a883 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb Size/MD5 checksum: 158762 89855347fdf8833df8fd643cfd6a2f10 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb Size/MD5 checksum: 51267722 b51b03ef591a26a4bb72fb0c58e610c0 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb Size/MD5 checksum: 3632562 2d9a207f01319a7bd8f3eb72b3762c77 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb Size/MD5 checksum: 9523510 0f38b76b0074881d4b12823eedc40846 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb Size/MD5 checksum: 106998 32d701f55bd4cc6e0f7160c3b5db43aa
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb Size/MD5 checksum: 49553140 cd9fb750075df895e2ad46a8fe4c8bdf http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb Size/MD5 checksum: 852228 f04ee6f2c26e9bda77477d64a13f3c53 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb Size/MD5 checksum: 79554 e69019a20fc3e8750faf73961cae8a38 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb Size/MD5 checksum: 224454 c7e441828615fa66d9907b6407a2b1ad http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb Size/MD5 checksum: 351828 85e4711445491850841c2f05102f2bd2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb Size/MD5 checksum: 6609818 b99e5d5f75686adcea1c3570fb82ead5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb Size/MD5 checksum: 3573826 2869c274453928b8b110d8aee7dcba96 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb Size/MD5 checksum: 142966 847a37421b7980378c81c5e818c2df3d http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb Size/MD5 checksum: 68968 1eee7343caee6a8a23a141bf6b653fa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb Size/MD5 checksum: 224078 a9dc6949ac6ef39884d1cb58929e20fc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb Size/MD5 checksum: 3693822 602f37b927bc425803730a66d17e8bec http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb Size/MD5 checksum: 542370 6015bef0d96154f73c32b2031c8bbf70 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb Size/MD5 checksum: 77166 1a94ec379b6e210cf35c1116939fc5f7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb Size/MD5 checksum: 813100 d0cdc640bf4a68973942cf563b7f7d7b http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb Size/MD5 checksum: 181192 54ef9505c0b0a0b62539dc3d983a8f83 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb Size/MD5 checksum: 11340432 b833d183a5337231c512aba60e733213 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb Size/MD5 checksum: 49734538 21b8086eb33e228f4a3800307a721558 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb Size/MD5 checksum: 121688 1e8f51c8c5d1097d5c0e4b8fd6743ec7
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb Size/MD5 checksum: 3611102 8f2980b314f14ff7cf1c244ed11ee638 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb Size/MD5 checksum: 145574 f38aa4d16323e517d075d1de833a7a35 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb Size/MD5 checksum: 380888 73bf50fdf8fd49a2251f3c13db9e0a2c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb Size/MD5 checksum: 7677088 d034f72357eb3276850bea226dfc3489 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb Size/MD5 checksum: 96932 9c55e0f731b1a507e77abb54ea7c2b08 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb Size/MD5 checksum: 223126 cc6d3e47d51d4a15cd05ef6af47560c2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb Size/MD5 checksum: 51902590 b9cafda15eba1ae28b5b054bd82e9d62 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb Size/MD5 checksum: 919306 764f458b99647036fbdb1b36768e9b99 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb Size/MD5 checksum: 70412 c674d096e73e7f353733e502bbc9cd05
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 378984 c66e5ff8815e2386755ece9c9a34b820 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 50034074 88479753fa54a417df183b78d0bb6ed1 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 145324 a801aeefc7fbf555ab407eaeb4c35295 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 70170 3145be02d89d6e205de5d89b269b9d8d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 3311114 4dac1eff7f53b49976d984606e76afe6 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 900836 6727b545324904a39f31261db59f516b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 97046 2953be8b2d4df3994abd68d6f95de215 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 7384772 6666f68f98fa2cc81d9e3106c958360b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 223416 a3ad25d92dc8f8e09352bc1fbce07989
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 95068 18f76fe7d470194c6320df8b42e7b09b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 888120 b426372622e1ac0164db3f25589a5447 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 152544 e3b9205b45b66a3fcf4937c44897a7d8 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 3285670 a63c4ce33c3f482584b32cfe50488700 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 7287440 f9d042196ccedd4dfb4da6d3e45ca2b1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 51458688 a669258d296192b6bd48b68006f9b618 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 223412 b900b19a182c059590bfcdb9495851ef http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 73306 94fdad8b176e63c0c791d19a026ce4b0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 362778 79f1ea4633cf0147da60871533750312
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb Size/MD5 checksum: 156410 6e986f5714d7052295a32253daea02a9 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb Size/MD5 checksum: 73182 f3b9b343586f554ac37e5c7c8970a28a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb Size/MD5 checksum: 407006 5919961e64253609b9eacc6a31a19b87 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb Size/MD5 checksum: 8401766 a23f6d0b7ac0b83997635feff3977ac2 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb Size/MD5 checksum: 223402 f08c12d85314436f6331b75e2e18b1c7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb Size/MD5 checksum: 909824 8c8c3aa62be4c19e97351562dcbe1694 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb Size/MD5 checksum: 3308768 50226e505e97362404ffbe3e770775fe http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb Size/MD5 checksum: 105828 1e5fc5d7be3c5ab803dd71e8391c06bb http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb Size/MD5 checksum: 51242096 ebae3e5b1eb3fd2d9470cbe117b8ced9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb Size/MD5 checksum: 49406432 caf251c788fe4f76679f600bd1d7b1c0 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb Size/MD5 checksum: 70192 33434a3b887ac076d88c0a4e425b3c29 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb Size/MD5 checksum: 144136 359a3cac1ee340f79eb9a53ac65f62ed http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb Size/MD5 checksum: 7181582 4b0f8aaf9a51e7c76073afbb7ea33c6e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb Size/MD5 checksum: 3583844 11cb9b988b9eac3564f11ed310a8d77e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb Size/MD5 checksum: 84544 0646f157f384a6a1ffcc3052035d1789 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb Size/MD5 checksum: 350470 1c643effc57e45c6afc964f2284cda7e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb Size/MD5 checksum: 223260 77281a13fcc78aacd93cf479621ccf74 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb Size/MD5 checksum: 821854 32eba751571daa1dcd4db30e7a3b7b2c
These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Background
AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries. They are included in this advisory for the sake of completeness. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could potentially lead to code execution with the privileges of the application using libpng. Two potential denial of service issues are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249 to these issues.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.
VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-08
http://security.gentoo.org/
Severity: High Title: Multiple packages, Multiple vulnerabilities fixed in 2010 Date: December 11, 2014 Bugs: #159556, #208464, #253822, #259968, #298067, #300375, #300943, #302478, #307525, #307633, #315235, #316697, #319719, #320961, #322457, #325507, #326759, #326953, #329125, #329939, #331421, #332527, #333661 ID: 201412-08
Synopsis
This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. Please see the package list and CVE identifiers below for more information.
Background
For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-util/insight < 6.7.1-r1 >= 6.7.1-r1 2 dev-perl/perl-tk < 804.028-r2 >= 804.028-r2 3 dev-util/sourcenav < 5.1.4 >= 5.1.4 4 dev-lang/tk < 8.4.18-r1 >= 8.4.18-r1 5 sys-block/partimage < 0.6.8 >= 0.6.8 6 app-antivirus/bitdefender-console <= 7.1 Vulnerable! 7 net-mail/mlmmj < 1.2.17.1 >= 1.2.17.1 8 sys-apps/acl < 2.2.49 >= 2.2.49 9 x11-apps/xinit < 1.2.0-r4 >= 1.2.0-r4 10 app-arch/gzip < 1.4 >= 1.4 11 app-arch/ncompress < 4.2.4.3 >= 4.2.4.3 12 dev-libs/liblzw < 0.2 >= 0.2 13 media-gfx/splashutils < 1.5.4.3-r3 >= 1.5.4.3-r3 14 sys-devel/m4 < 1.4.14-r1 >= 1.4.14-r1 15 kde-base/kdm < 4.3.5-r1 >= 4.3.5-r1 16 x11-libs/gtk+ < 2.18.7 >= 2.18.7 17 kde-base/kget < 4.3.5-r1 >= 4.3.5-r1 18 app-text/dvipng < 1.13 >= 1.13 19 app-misc/beanstalkd < 1.4.6 >= 1.4.6 20 sys-apps/pmount < 0.9.23 >= 0.9.23 21 sys-auth/pam_krb5 < 4.3 >= 4.3 22 app-text/gv < 3.7.1 >= 3.7.1 23 net-ftp/lftp < 4.0.6 >= 4.0.6 24 www-client/uzbl < 2010.08.05 >= 2010.08.05 25 x11-misc/slim < 1.3.2 >= 1.3.2 26 net-misc/iputils < 20100418 >= 20100418 27 media-tv/dvbstreamer < 1.1-r1 >= 1.1-r1 ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 27 affected packages
Description
Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details.
- Insight
- Perl Tk Module
- Source-Navigator
- Tk
- Partimage
- Mlmmj
- acl
- Xinit
- gzip
- ncompress
- liblzw
- splashutils
- GNU M4
- KDE Display Manager
- GTK+
- KGet
- dvipng
- Beanstalk
- Policy Mount
- pam_krb5
- GNU gv
- LFTP
- Uzbl
- Slim
- Bitdefender Console
- iputils
- DVBStreamer
Impact
A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions.
Workaround
There are no known workarounds at this time.
Resolution
All Insight users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/insight-6.7.1-r1"
All Perl Tk Module users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-perl/perl-tk-804.028-r2"
All Source-Navigator users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/sourcenav-5.1.4"
All Tk users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/tk-8.4.18-r1"
All Partimage users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-block/partimage-0.6.8"
All Mlmmj users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-mail/mlmmj-1.2.17.1"
All acl users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-apps/acl-2.2.49"
All Xinit users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-apps/xinit-1.2.0-r4"
All gzip users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-arch/gzip-1.4"
All ncompress users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-arch/ncompress-4.2.4.3"
All liblzw users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/liblzw-0.2"
All splashutils users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=media-gfx/splashutils-1.5.4.3-r3"
All GNU M4 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-devel/m4-1.4.14-r1"
All KDE Display Manager users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-base/kdm-4.3.5-r1"
All GTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/gtk+-2.18.7"
All KGet 4.3 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-base/kget-4.3.5-r1"
All dvipng users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/dvipng-1.13"
All Beanstalk users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-misc/beanstalkd-1.4.6"
All Policy Mount users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-apps/pmount-0.9.23"
All pam_krb5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-auth/pam_krb5-4.3"
All GNU gv users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/gv-3.7.1"
All LFTP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-ftp/lftp-4.0.6"
All Uzbl users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/uzbl-2010.08.05"
All Slim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-misc/slim-1.3.2"
All iputils users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/iputils-20100418"
All DVBStreamer users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-tv/dvbstreamer-1.1-r1"
Gentoo has discontinued support for Bitdefender Console. We recommend that users unmerge Bitdefender Console:
# emerge --unmerge "app-antivirus/bitdefender-console"
NOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2011. It is likely that your system is already no longer affected by these issues.
References
[ 1 ] CVE-2006-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3005 [ 2 ] CVE-2007-2741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741 [ 3 ] CVE-2008-0553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0553 [ 4 ] CVE-2008-1382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1382 [ 5 ] CVE-2008-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5907 [ 6 ] CVE-2008-6218 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6218 [ 7 ] CVE-2008-6661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6661 [ 8 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 9 ] CVE-2009-0360 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0360 [ 10 ] CVE-2009-0361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0361 [ 11 ] CVE-2009-0946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0946 [ 12 ] CVE-2009-2042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2042 [ 13 ] CVE-2009-2624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2624 [ 14 ] CVE-2009-3736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3736 [ 15 ] CVE-2009-4029 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4029 [ 16 ] CVE-2009-4411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4411 [ 17 ] CVE-2009-4896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4896 [ 18 ] CVE-2010-0001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0001 [ 19 ] CVE-2010-0436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0436 [ 20 ] CVE-2010-0732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0732 [ 21 ] CVE-2010-0829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0829 [ 22 ] CVE-2010-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1000 [ 23 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 24 ] CVE-2010-1511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1511 [ 25 ] CVE-2010-2056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2056 [ 26 ] CVE-2010-2060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2060 [ 27 ] CVE-2010-2192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2192 [ 28 ] CVE-2010-2251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2251 [ 29 ] CVE-2010-2529 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2529 [ 30 ] CVE-2010-2809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2809 [ 31 ] CVE-2010-2945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2945
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-08.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Updated Packages:
Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. =========================================================== Ubuntu Security Notice USN-930-4 July 23, 2010 firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 9.04: abrowser 3.6.7+build2+nobinonly-0ubuntu0.9.04.1 firefox-3.0 3.6.7+build2+nobinonly-0ubuntu0.9.04.1 xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2
Ubuntu 9.10: firefox-3.5 3.6.7+build2+nobinonly-0ubuntu0.9.10.1 xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2
Mozilla has changed the support model for Firefox and they no longer support version 3.0 of the browser and will only support version 3.5 of the browser for a while longer. As a result, Ubuntu is providing an upgrade to Firefox 3.6 for Ubuntu 9.04 and 9.10 users, which is the most current stable release of Firefox supported by Mozilla. When upgrading, users should be aware of the following:
- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use icedtea6-plugin or sun-java6-plugin instead.
- After upgrading to Firefox 3.6.6, users may be prompted to upgrade 3rd party Add-Ons. In some cases, an Add-On will not be compatible with Firefox 3.6.6 and have no update available. In these cases, Firefox will notify the user that it is disabling the Add-On.
- Font configuration cannot be controlled via Gnome settings. This is a known issue being tracked in https://launchpad.net/bugs/559149 and will be fixed in a later update.
- helix-player is not currently supported in Firefox 3.6. This is a known issue and may be fixed in a future update.
- Plugins using external helpers (such as Totem) may not close when using the Epiphany browser. This is a known issue being tracked in https://launchpad.net/bugs/599796 and will be fixed in a later update. This issue only affects Ubuntu 9.04.
- The OpenJDK java plugin is not available in Ubuntu 9.04 on Sparc hardware. This will be fixed in a future update.
After a standard system upgrade you need to restart Firefox and any applications that use Xulrunner to effect the necessary changes.
Details follow:
USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6.
Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212)
An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214)
A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215)
An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752)
An integer overflow was discovered in how Firefox interpreted the XUL element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753)
Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)
Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207)
O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210)
Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206)
Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751)
Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654)
Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754)
Original advisory details:
If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1121)
Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203)
A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198)
An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196)
Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199)
Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125)
Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. (CVE-2010-1197)
Amit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. (CVE-2008-5913)
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 67119 0d7f276c870914e97be8016c470c0acc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz
Size/MD5: 144826 b71440bbda1a9a19aa3434ad6a00c486
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc
Size/MD5: 2552 0e63965d7e1ba8d0c024793dae18a651
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz
Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72226 e41f4ba0e1ee2812d09f178ce649be97
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72392 fb339d706ee66252e70e96d62c33b305
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72228 d3b045b5cafba2c50b75eb3c5c0a590a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72218 6a5c7d950490e1b8265bac1bc15abeb1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72240 e1de71fa375ab4896e29dafcca783dba
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72574 f4cb1ee7572ed2ab316313ecbb3ed84f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72236 2dece76f652e27494e7487f4e68f646a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72222 c4aebcd1ce9c8b621b7297b7088d2ef4
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72256 3caf1296c3c06121157b6614170e1083
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72226 d1f70077a0e3ed2fee170c02bfb03e7c
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72212 133df734e76a4477af91dec984aa2694
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72240 6efcfef2ed5164204686ce075d23332d
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72210 07339b8304124d7afbacf53943f0500f
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 7798876 759f27c1d6635a6d04b07c9a73f54f3c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 72330 b9692de7b7947e32c1f678a9d554effa
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 72764 706e5682afbbc54334bb823fe92e9d0c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 12504700 0c81c0201b8a6b3aef72d2213d9d38b2
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb
Size/MD5: 29308 4174c5e062a927f5f4fd445bc3f2b7ce
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 9913748 ad706c2a0c670ea9bc6de7109211c8e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
Size/MD5: 72340 b19f20096548fc8981367cd9d431379f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
Size/MD5: 72762 faaacee4aa7e2fd7fa961a88c4b86d0f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
Size/MD5: 11192572 5adae55773b0ca8e438c7252046f705b
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb
Size/MD5: 29308 ca6a787a65220583746b55366ae9ac44
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/
Size/MD5: 4830218 0d3caf5b20aba2975f9f7e423c6b3b69
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 72332 099275f779e538dc54e913593084b7bc
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 72762 ee7361261892014edfc1a69365672c17
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 10687418 2a010333c02ed1112cbef0544cf73cf1
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb
Size/MD5: 29308 5fb3d21190e1e8012b08b694c4b9239c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/
Size/MD5: 4812772 94b728d013dee6371b8cc4ebef11430c
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 72340 6318359d26cfa32d4e1eeda6c8916aa4
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 72770 e5449bcbe442fa1385d7b2ecbc8c1831
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 11583662 a73467d63e46af2f21b2e46fa0f29797
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb
Size/MD5: 29310 69a2c47902bb366a50c2bb3fa9053131
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/
Size/MD5: 75512 a49a96a5d589e39a77720fe70706da03
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb
Size/MD5: 29312 e66a94b78d1d6476b05736a82c4ed49c
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 2621 74297592edce6f55313193967daaebeb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz
Size/MD5: 155727 0e58cb5f9e5293c40564e944e50437a6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc
Size/MD5: 2758 e6647365f000313a96f9a72b4dc8022f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz
Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 29714 b4ee604ee0d4dbdc448a74f6f746528c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75716 8ec52b07f2b60dbb381909a6b7e5f039
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75964 69b4baf1c2b4ce75ced092dbdb44266b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75700 22bd34473ba1abe7501b247f7d8980b5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75702 3dc765e62e9300dd5a57d512be2e3c3b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75700 1ae9b7c023259e8f9fa994c24efeb07f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75706 f4a1b34f657927ca5eaf15cf9976e336
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75704 80434fb6b98bd5ddafbd0d9d472b9416
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75698 1e6cffa413775771f086d3238ed84a6b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75722 b3dea417d76e06235b1f7c267d4871fe
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 76052 9c59d599f01a4af2337515c224164b11
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75718 70e6d5d57e356e78500d8558e6ec7f72
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 8938 3085a96f8f815fbb01b21dd67d4b423d
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75710 45b7c94ece697097b83adb8bc09b5769
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 8940 8d60975aeb324b31426a64d0a1485320
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 8930 e9c41de371986cf16137aa0a8baa1635
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75710 191d51d184569650814b7d1e87e808a3
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75720 f18da780b4b8e57685667bb94faeac19
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75726 6bef8a651c1763ca5fdd3140bd7ae915
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75714 408c0fa73ac828fa9acae2a7ff02e6f7
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75692 3c4f3ef8332997b0a72bda0e436ab0fe
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75708 c3f238accf868508d1d44a3984a0deda
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75722 41bf0606552717a9988db2bd929b3862
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75692 e27ae8b4a4875eff55fedd2c3da9499e
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75710 49ada82e615b86ac74f5880b656d8914
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 10675764 276cf6fd80197d8edf64b2c885c5e540
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb
Size/MD5: 76196 ec574586607cd1da65dd5ee7c1f17317
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb
Size/MD5: 12502768 ef8749c8ba4b15a29631f69baccf6984
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 29196 766569469e7d1d805a16b659607cb228
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 43286 e1e37c33ecc0918fcd518e5748c767e2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb
Size/MD5: 76198 06d415ebee45883afa9de06a4bf00ba2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb
Size/MD5: 11217372 c3ddffd8a035d3be397ffc112c17e0a9
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb
Size/MD5: 29190 c59e1bbc03df75b63c72a956530ecdff
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/
Size/MD5: 4794796 0f04c58b1898ef6ff8c42e9f696cf943
http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb
Size/MD5: 76192 ac0e4a03520b896085dbc4b1e524c397
http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb
Size/MD5: 10720482 e9459f2ddd0b28adc40e37bc46de87d8
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 29194 b5c356758ef5adb4468c85577660061a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/
Size/MD5: 64642040 19a96c0ae2726790da3efb566ac4fdb0
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 29200 69d071a75fcd766841f7f428ec9eb806
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/
Size/MD5: 7629538 5042de0cdebf36ad17e6485b966ec94f
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 29194 f154cda4e06288f639db4d6024c26695
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1188",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "seamonkey",
"scope": "lt",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "mac os x server",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "firefox",
"scope": "lt",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "thunderbird",
"scope": "lt",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "5.0.375.99"
},
{
"model": "thunderbird",
"scope": "lt",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1.2"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "firefox",
"scope": "lt",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.0"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "firefox",
"scope": "gte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"model": "thunderbird",
"scope": "gte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"model": "mac os x server",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "libpng",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.47"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.4.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Greg Roelofs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-1205",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-43810",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2010-1205",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1205",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#643615",
"trust": 0.8,
"value": "12.96"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-473",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-43810",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1205",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Libpng contains a vulnerability in the way it handles images containing an extra row of image data beyond the height reported in the image header. libpng is a PNG reference library that can create, read and write PNG graphics files. There is a buffer overflow vulnerability in the libpng library when processing graphics row data. If the graphics file provides an extra graphics row that is higher than the height reported in the header, this overflow can be triggered, resulting in arbitrary code execution; in addition, when processing a certain There may be a memory leak when some sCAL blocks are used, and specially crafted PNG graphics may cause a denial of service. ----------------------------------------------------------------------\n\n\n\"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420.\"\n\nNon-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:\n\nhttp://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf\n\n\n----------------------------------------------------------------------\n\nTITLE:\nMozilla Thunderbird Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA40642\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40642/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40642\n\nRELEASE DATE:\n2010-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40642/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40642/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40642\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSome weaknesses and vulnerabilities have been reported in Mozilla\nThunderbird, which can be exploited by malicious people to disclose\npotentially sensitive information, potentially conduct cross-site\nscripting attacks, bypass certain security restrictions, and\ncompromise a user\u0027s system. \n\nFor more information:\nSA39925\n\nSOLUTION:\nUpdate to Thunderbird 3.0.6 and 3.1.1. \n\nORIGINAL ADVISORY:\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-34.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-38.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-39.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-40.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-41.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-42.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-43.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-44.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-46.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-47.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nCVE-2010-1208\n\n \"regenrecht\" discovered that incorrect memory handling in DOM\n parsing could lead to the execution of arbitrary code. \n\nCVE-2010-1211\n\n Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary\n Kwong, Tobias Markus and Daniel Holbert discovered crashes in the\n layout engine, which might allow the execution of arbitrary code. \n\nCVE-2010-2751\n\n Jordi Chancel discovered that the location could be spoofed to\n appear like a secured page. \n\nCVE-2010-2753\n\n \"regenrecht\" discovered that incorrect memory handling in XUL\n parsing could lead to the execution of arbitrary code. \n\nCVE-2010-2754\n\n Soroush Dalili discovered an information leak in script processing. \n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.9.0.19-3. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.1.11-1. \n\nFor the experimental distribution, these problems have been fixed in\nversion 1.9.2.7-1. \n\nWe recommend that you upgrade your xulrunner packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz\n Size/MD5 checksum: 149955 e6ec4540373a8dfbea5c1e63f5b628b2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc\n Size/MD5 checksum: 1755 59f9033377f2450ad114d9ee4367f9c7\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz\n Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb\n Size/MD5 checksum: 1466246 a3b5c8b34df7e2077a5e3c5c0d911b85\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 165496 ad7c134eeadc1a2aa751c289052d32f1\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 433152 57f7a88c05eece5c0ea17517646267bb\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 72550 b581302383396b57f7e07aa4564245b3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 51155444 37595efd28303ec3a88d294b58c1e7aa\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 9487312 452f2c3b26bb249711720ade76e77c3f\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 223422 9ce6e6f35412321405c27618a3550763\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 113478 f4946488381af317acb3bd27da3e372e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 940250 abb2d020d4cce2e5547d17dd94323cee\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 3357434 a26b339fee481f1ae5494ee0983e3e75\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 50381710 4e6df9133e326ca7fe1d91adab87609b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 3291324 01a75923a6b796c2e1f3c02e4584072f\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 152266 0a9e05d5e36920cf9cb6c9e39357679b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 7735106 eedecb0183cd911bf7416be5f61cf88e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 374604 7a71d4ce527727f43225fc1cdc6b3915\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 70226 f8860e988f030333c59f893582e17da0\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 890738 0db2e5b458ae1495dce575688a27ef2a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 223326 1d128ae917c5dab4e977ffb018cb704c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 101830 2bb9a62d6454d0b7ef6da98cc07b4013\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 140950 d9044d5f823661f4a1ef11c47971d6e2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 3584768 6ff8221347684a334d6f358d2c8f2dcc\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 6802070 e489c87976c243d040f568a8e04a7466\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 351056 dd61fc5b425e296ef00120b4cfbc5604\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 68552 819703fc0550ee6473572ea3655ab1f5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 84224 f3915220a86a6a31e48b845d2af7f249\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 222376 cb0563f3e5220ceb6f42b8e6471eb883\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 49349776 4037a4ab7eeb964c24c95fbb905edbe6\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 815334 c055e242c82b7643c67712602e4f3215\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 822978 f8609edb961b6c71732c17575393644a\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 6962470 fc143ac75279405ef99a3e045439adeb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 3583846 db81fc2e4c8a30fbaf0b176f6d7e77a5\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 142446 016a6aa2efa9e49788c97bc925d90bbb\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 353294 65f40d8a434c6b430685ef1a54246888\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 50182030 97009b62c3d65b5e715f363d7a5a2e0c\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 223380 30fd707dea85e43894c84036115920a3\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 70694 e5892c32e9850d86138ebf15ad317b63\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 84758 a94402fed374f82a1ffeb338cb2a4cbb\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 223614 ea284c98cc97b10b879d6174b81cb486\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 899460 290c89b8835d773b8fd240f5610dc63c\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 72280 1d32724f444212696e28d15dc22386af\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 413386 e78a2aabb581f3f7f8da9cb531d6a883\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 158762 89855347fdf8833df8fd643cfd6a2f10\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 51267722 b51b03ef591a26a4bb72fb0c58e610c0\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 3632562 2d9a207f01319a7bd8f3eb72b3762c77\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 9523510 0f38b76b0074881d4b12823eedc40846\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 106998 32d701f55bd4cc6e0f7160c3b5db43aa\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 49553140 cd9fb750075df895e2ad46a8fe4c8bdf\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 852228 f04ee6f2c26e9bda77477d64a13f3c53\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 79554 e69019a20fc3e8750faf73961cae8a38\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 224454 c7e441828615fa66d9907b6407a2b1ad\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 351828 85e4711445491850841c2f05102f2bd2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 6609818 b99e5d5f75686adcea1c3570fb82ead5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 3573826 2869c274453928b8b110d8aee7dcba96\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 142966 847a37421b7980378c81c5e818c2df3d\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 68968 1eee7343caee6a8a23a141bf6b653fa4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 224078 a9dc6949ac6ef39884d1cb58929e20fc\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 3693822 602f37b927bc425803730a66d17e8bec\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 542370 6015bef0d96154f73c32b2031c8bbf70\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 77166 1a94ec379b6e210cf35c1116939fc5f7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 813100 d0cdc640bf4a68973942cf563b7f7d7b\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 181192 54ef9505c0b0a0b62539dc3d983a8f83\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 11340432 b833d183a5337231c512aba60e733213\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 49734538 21b8086eb33e228f4a3800307a721558\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 121688 1e8f51c8c5d1097d5c0e4b8fd6743ec7\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 3611102 8f2980b314f14ff7cf1c244ed11ee638\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 145574 f38aa4d16323e517d075d1de833a7a35\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 380888 73bf50fdf8fd49a2251f3c13db9e0a2c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 7677088 d034f72357eb3276850bea226dfc3489\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 96932 9c55e0f731b1a507e77abb54ea7c2b08\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 223126 cc6d3e47d51d4a15cd05ef6af47560c2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 51902590 b9cafda15eba1ae28b5b054bd82e9d62\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 919306 764f458b99647036fbdb1b36768e9b99\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 70412 c674d096e73e7f353733e502bbc9cd05\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 378984 c66e5ff8815e2386755ece9c9a34b820\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 50034074 88479753fa54a417df183b78d0bb6ed1\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 145324 a801aeefc7fbf555ab407eaeb4c35295\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 70170 3145be02d89d6e205de5d89b269b9d8d\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 3311114 4dac1eff7f53b49976d984606e76afe6\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 900836 6727b545324904a39f31261db59f516b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 97046 2953be8b2d4df3994abd68d6f95de215\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 7384772 6666f68f98fa2cc81d9e3106c958360b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 223416 a3ad25d92dc8f8e09352bc1fbce07989\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 95068 18f76fe7d470194c6320df8b42e7b09b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 888120 b426372622e1ac0164db3f25589a5447\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 152544 e3b9205b45b66a3fcf4937c44897a7d8\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 3285670 a63c4ce33c3f482584b32cfe50488700\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 7287440 f9d042196ccedd4dfb4da6d3e45ca2b1\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 51458688 a669258d296192b6bd48b68006f9b618\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 223412 b900b19a182c059590bfcdb9495851ef\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 73306 94fdad8b176e63c0c791d19a026ce4b0\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 362778 79f1ea4633cf0147da60871533750312\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 156410 6e986f5714d7052295a32253daea02a9\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 73182 f3b9b343586f554ac37e5c7c8970a28a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 407006 5919961e64253609b9eacc6a31a19b87\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 8401766 a23f6d0b7ac0b83997635feff3977ac2\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 223402 f08c12d85314436f6331b75e2e18b1c7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 909824 8c8c3aa62be4c19e97351562dcbe1694\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 3308768 50226e505e97362404ffbe3e770775fe\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 105828 1e5fc5d7be3c5ab803dd71e8391c06bb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 51242096 ebae3e5b1eb3fd2d9470cbe117b8ced9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 49406432 caf251c788fe4f76679f600bd1d7b1c0\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 70192 33434a3b887ac076d88c0a4e425b3c29\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 144136 359a3cac1ee340f79eb9a53ac65f62ed\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 7181582 4b0f8aaf9a51e7c76073afbb7ea33c6e\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 3583844 11cb9b988b9eac3564f11ed310a8d77e\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 84544 0646f157f384a6a1ffcc3052035d1789\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 350470 1c643effc57e45c6afc964f2284cda7e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 223260 77281a13fcc78aacd93cf479621ccf74\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 821854 32eba751571daa1dcd4db30e7a3b7b2c\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nBackground\n==========\n\nAMD64 x86 emulation base libraries provides pre-compiled 32-bit\nlibraries. They are included in this advisory for the\nsake of completeness. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201412-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Multiple packages, Multiple vulnerabilities fixed in 2010\n Date: December 11, 2014\n Bugs: #159556, #208464, #253822, #259968, #298067, #300375,\n #300943, #302478, #307525, #307633, #315235, #316697,\n #319719, #320961, #322457, #325507, #326759, #326953,\n #329125, #329939, #331421, #332527, #333661\n ID: 201412-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nThis GLSA contains notification of vulnerabilities found in several\nGentoo packages which have been fixed prior to January 1, 2011. Please see the package list and CVE\nidentifiers below for more information. \n\nBackground\n==========\n\nFor more information on the packages listed in this GLSA, please see\ntheir homepage referenced in the ebuild. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-util/insight \u003c 6.7.1-r1 \u003e= 6.7.1-r1\n 2 dev-perl/perl-tk \u003c 804.028-r2 \u003e= 804.028-r2\n 3 dev-util/sourcenav \u003c 5.1.4 \u003e= 5.1.4\n 4 dev-lang/tk \u003c 8.4.18-r1 \u003e= 8.4.18-r1\n 5 sys-block/partimage \u003c 0.6.8 \u003e= 0.6.8\n 6 app-antivirus/bitdefender-console\n \u003c= 7.1 Vulnerable!\n 7 net-mail/mlmmj \u003c 1.2.17.1 \u003e= 1.2.17.1\n 8 sys-apps/acl \u003c 2.2.49 \u003e= 2.2.49\n 9 x11-apps/xinit \u003c 1.2.0-r4 \u003e= 1.2.0-r4\n 10 app-arch/gzip \u003c 1.4 \u003e= 1.4\n 11 app-arch/ncompress \u003c 4.2.4.3 \u003e= 4.2.4.3\n 12 dev-libs/liblzw \u003c 0.2 \u003e= 0.2\n 13 media-gfx/splashutils \u003c 1.5.4.3-r3 \u003e= 1.5.4.3-r3\n 14 sys-devel/m4 \u003c 1.4.14-r1 \u003e= 1.4.14-r1\n 15 kde-base/kdm \u003c 4.3.5-r1 \u003e= 4.3.5-r1\n 16 x11-libs/gtk+ \u003c 2.18.7 \u003e= 2.18.7\n 17 kde-base/kget \u003c 4.3.5-r1 \u003e= 4.3.5-r1\n 18 app-text/dvipng \u003c 1.13 \u003e= 1.13\n 19 app-misc/beanstalkd \u003c 1.4.6 \u003e= 1.4.6\n 20 sys-apps/pmount \u003c 0.9.23 \u003e= 0.9.23\n 21 sys-auth/pam_krb5 \u003c 4.3 \u003e= 4.3\n 22 app-text/gv \u003c 3.7.1 \u003e= 3.7.1\n 23 net-ftp/lftp \u003c 4.0.6 \u003e= 4.0.6\n 24 www-client/uzbl \u003c 2010.08.05 \u003e= 2010.08.05\n 25 x11-misc/slim \u003c 1.3.2 \u003e= 1.3.2\n 26 net-misc/iputils \u003c 20100418 \u003e= 20100418\n 27 media-tv/dvbstreamer \u003c 1.1-r1 \u003e= 1.1-r1\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n 27 affected packages\n\nDescription\n===========\n\nVulnerabilities have been discovered in the packages listed below. \nPlease review the CVE identifiers in the Reference section for details. \n\n* Insight\n* Perl Tk Module\n* Source-Navigator\n* Tk\n* Partimage\n* Mlmmj\n* acl\n* Xinit\n* gzip\n* ncompress\n* liblzw\n* splashutils\n* GNU M4\n* KDE Display Manager\n* GTK+\n* KGet\n* dvipng\n* Beanstalk\n* Policy Mount\n* pam_krb5\n* GNU gv\n* LFTP\n* Uzbl\n* Slim\n* Bitdefender Console\n* iputils\n* DVBStreamer\n\nImpact\n======\n\nA context-dependent attacker may be able to gain escalated privileges,\nexecute arbitrary code, cause Denial of Service, obtain sensitive\ninformation, or otherwise bypass security restrictions. \n\nWorkaround\n==========\n\nThere are no known workarounds at this time. \n\nResolution\n==========\n\nAll Insight users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-util/insight-6.7.1-r1\"\n\nAll Perl Tk Module users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-perl/perl-tk-804.028-r2\"\n\nAll Source-Navigator users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-util/sourcenav-5.1.4\"\n\nAll Tk users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/tk-8.4.18-r1\"\n\nAll Partimage users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=sys-block/partimage-0.6.8\"\n\nAll Mlmmj users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-mail/mlmmj-1.2.17.1\"\n\nAll acl users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=sys-apps/acl-2.2.49\"\n\nAll Xinit users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=x11-apps/xinit-1.2.0-r4\"\n\nAll gzip users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-arch/gzip-1.4\"\n\nAll ncompress users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-arch/ncompress-4.2.4.3\"\n\nAll liblzw users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/liblzw-0.2\"\n\nAll splashutils users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=media-gfx/splashutils-1.5.4.3-r3\"\n\nAll GNU M4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=sys-devel/m4-1.4.14-r1\"\n\nAll KDE Display Manager users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=kde-base/kdm-4.3.5-r1\"\n\nAll GTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=x11-libs/gtk+-2.18.7\"\n\nAll KGet 4.3 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=kde-base/kget-4.3.5-r1\"\n\nAll dvipng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/dvipng-1.13\"\n\nAll Beanstalk users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-misc/beanstalkd-1.4.6\"\n\nAll Policy Mount users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=sys-apps/pmount-0.9.23\"\n\nAll pam_krb5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=sys-auth/pam_krb5-4.3\"\n\nAll GNU gv users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/gv-3.7.1\"\n\nAll LFTP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-ftp/lftp-4.0.6\"\n\nAll Uzbl users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/uzbl-2010.08.05\"\n\nAll Slim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=x11-misc/slim-1.3.2\"\n\nAll iputils users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/iputils-20100418\"\n\nAll DVBStreamer users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-tv/dvbstreamer-1.1-r1\"\n\nGentoo has discontinued support for Bitdefender Console. We recommend\nthat users unmerge Bitdefender Console:\n\n # emerge --unmerge \"app-antivirus/bitdefender-console\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures\nhave been available since 2011. It is likely that your system is\nalready no longer affected by these issues. \n\nReferences\n==========\n\n[ 1 ] CVE-2006-3005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3005\n[ 2 ] CVE-2007-2741\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741\n[ 3 ] CVE-2008-0553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0553\n[ 4 ] CVE-2008-1382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1382\n[ 5 ] CVE-2008-5907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5907\n[ 6 ] CVE-2008-6218\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6218\n[ 7 ] CVE-2008-6661\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6661\n[ 8 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 9 ] CVE-2009-0360\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0360\n[ 10 ] CVE-2009-0361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0361\n[ 11 ] CVE-2009-0946\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0946\n[ 12 ] CVE-2009-2042\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2042\n[ 13 ] CVE-2009-2624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2624\n[ 14 ] CVE-2009-3736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3736\n[ 15 ] CVE-2009-4029\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4029\n[ 16 ] CVE-2009-4411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4411\n[ 17 ] CVE-2009-4896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4896\n[ 18 ] CVE-2010-0001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0001\n[ 19 ] CVE-2010-0436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0436\n[ 20 ] CVE-2010-0732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0732\n[ 21 ] CVE-2010-0829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0829\n[ 22 ] CVE-2010-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1000\n[ 23 ] CVE-2010-1205\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205\n[ 24 ] CVE-2010-1511\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1511\n[ 25 ] CVE-2010-2056\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2056\n[ 26 ] CVE-2010-2060\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2060\n[ 27 ] CVE-2010-2192\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2192\n[ 28 ] CVE-2010-2251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2251\n[ 29 ] CVE-2010-2529\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2529\n[ 30 ] CVE-2010-2809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2809\n[ 31 ] CVE-2010-2945\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2945\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n \n As a precaution htmldoc has been rebuilt to link against the\n system libpng library for CS4 and 2008.0. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. ===========================================================\nUbuntu Security Notice USN-930-4 July 23, 2010\nfirefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities\nCVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125,\nCVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199,\nCVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203,\nCVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208,\nCVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212,\nCVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751,\nCVE-2010-2752, CVE-2010-2753, CVE-2010-2754\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 9.04:\n abrowser 3.6.7+build2+nobinonly-0ubuntu0.9.04.1\n firefox-3.0 3.6.7+build2+nobinonly-0ubuntu0.9.04.1\n xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2\n\nUbuntu 9.10:\n firefox-3.5 3.6.7+build2+nobinonly-0ubuntu0.9.10.1\n xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2\n\nMozilla has changed the support model for Firefox and they no longer\nsupport version 3.0 of the browser and will only support version 3.5 of the\nbrowser for a while longer. As a result, Ubuntu is providing an upgrade to\nFirefox 3.6 for Ubuntu 9.04 and 9.10 users, which is the most current\nstable release of Firefox supported by Mozilla. When upgrading, users\nshould be aware of the following:\n\n- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use\n icedtea6-plugin or sun-java6-plugin instead. \n- After upgrading to Firefox 3.6.6, users may be prompted to upgrade 3rd\n party Add-Ons. In some cases, an Add-On will not be compatible with\n Firefox 3.6.6 and have no update available. In these cases, Firefox will\n notify the user that it is disabling the Add-On. \n- Font configuration cannot be controlled via Gnome settings. This is a\n known issue being tracked in https://launchpad.net/bugs/559149 and will\n be fixed in a later update. \n- helix-player is not currently supported in Firefox 3.6. This is a known\n issue and may be fixed in a future update. \n- Plugins using external helpers (such as Totem) may not close when using\n the Epiphany browser. This is a known issue being tracked in\n https://launchpad.net/bugs/599796 and will be fixed in a later update. \n This issue only affects Ubuntu 9.04. \n- The OpenJDK java plugin is not available in Ubuntu 9.04 on Sparc\n hardware. This will be fixed in a future update. \n\nAfter a standard system upgrade you need to restart Firefox and any\napplications that use Xulrunner to effect the necessary changes. \n\nDetails follow:\n\nUSN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update\nprovides the corresponding updates for Ubuntu 9.04 and 9.10, along with\nadditional updates affecting Firefox 3.6.6. \n\nSeveral flaws were discovered in the browser engine of Firefox. If a user\nwere tricked into viewing a malicious site, a remote attacker could use\nthis to crash the browser or possibly run arbitrary code as the user\ninvoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin\nparameters. An attacker could exploit this to crash the browser or possibly\nrun arbitrary code as the user invoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were\ntricked into viewing a malicious site, a remote attacker code execute\narbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS values. An\nattacker could exploit this to crash the browser or possibly run arbitrary\ncode as the user invoking the program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL\n\u003ctree\u003e element. If a user were tricked into viewing a malicious site, a\nremote attacker could use this to crash the browser or possibly run\narbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain malformed\nPNG images. If a user were tricked into opening a crafted PNG file, an\nattacker could cause a denial of service or possibly execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin\ncheck in Firefox could be bypassed by utilizing the importScripts Web\nWorker method. If a user were tricked into viewing a malicious website, an\nattacker could exploit this to read data from other domains. \n(CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions within\ncertain 8 bit encodings. An attacker could utilize this to perform\ncross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no\ncontent) code. An attacker could exploit this to spoof the location bar,\nsuch as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a server\nresponds to an HTTPS request with plaintext and then processes JavaScript\nhistory events. An attacker could exploit this to spoof the location bar,\nsuch as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper CSS\nselectors. If a user were tricked into viewing a malicious website, an\nattacker could exploit this to read data from other domains. \n(CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script error\noutput. An attacker could use this to access URL parameters from other\ndomains. (CVE-2010-2754)\n\nOriginal advisory details:\n\n If was discovered that Firefox could be made to access freed memory. If a\n user were tricked into viewing a malicious site, a remote attacker could\n cause a denial of service or possibly execute arbitrary code with the\n privileges of the user invoking the program. (CVE-2010-1121)\n \n Several flaws were discovered in the browser engine of Firefox. If a\n user were tricked into viewing a malicious site, a remote attacker could\n cause a denial of service or possibly execute arbitrary code with the\n privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201,\n CVE-2010-1202, CVE-2010-1203)\n \n A flaw was discovered in the way plugin instances interacted. An attacker\n could potentially exploit this and use one plugin to access freed memory from a\n second plugin to execute arbitrary code with the privileges of the user\n invoking the program. (CVE-2010-1198)\n \n An integer overflow was discovered in Firefox. If a user were tricked into\n viewing a malicious site, an attacker could overflow a buffer and cause a\n denial of service or possibly execute arbitrary code with the privileges of\n the user invoking the program. (CVE-2010-1196)\n \n Martin Barbella discovered an integer overflow in an XSLT node sorting\n routine. An attacker could exploit this to overflow a buffer and cause a\n denial of service or possibly execute arbitrary code with the privileges of\n the user invoking the program. (CVE-2010-1199)\n \n Michal Zalewski discovered that the focus behavior of Firefox could be\n subverted. If a user were tricked into viewing a malicious site, a remote\n attacker could use this to capture keystrokes. (CVE-2010-1125)\n \n Ilja van Sprundel discovered that the \u0027Content-Disposition: attachment\u0027\n HTTP header was ignored when \u0027Content-Type: multipart\u0027 was also present. \n Under certain circumstances, this could potentially lead to cross-site\n scripting attacks. (CVE-2010-1197)\n \n Amit Klein discovered that Firefox did not seed its random number generator\n often enough. An attacker could exploit this to identify and track users\n across different web sites. (CVE-2008-5913)\n\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 67119 0d7f276c870914e97be8016c470c0acc\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz\n Size/MD5: 144826 b71440bbda1a9a19aa3434ad6a00c486\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc\n Size/MD5: 2552 0e63965d7e1ba8d0c024793dae18a651\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz\n Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72226 e41f4ba0e1ee2812d09f178ce649be97\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72392 fb339d706ee66252e70e96d62c33b305\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72228 d3b045b5cafba2c50b75eb3c5c0a590a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72218 6a5c7d950490e1b8265bac1bc15abeb1\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72240 e1de71fa375ab4896e29dafcca783dba\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72574 f4cb1ee7572ed2ab316313ecbb3ed84f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72236 2dece76f652e27494e7487f4e68f646a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72222 c4aebcd1ce9c8b621b7297b7088d2ef4\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72256 3caf1296c3c06121157b6614170e1083\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72226 d1f70077a0e3ed2fee170c02bfb03e7c\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72212 133df734e76a4477af91dec984aa2694\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72240 6efcfef2ed5164204686ce075d23332d\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72210 07339b8304124d7afbacf53943f0500f\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 7798876 759f27c1d6635a6d04b07c9a73f54f3c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb\n Size/MD5: 72330 b9692de7b7947e32c1f678a9d554effa\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb\n Size/MD5: 72764 706e5682afbbc54334bb823fe92e9d0c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb\n Size/MD5: 12504700 0c81c0201b8a6b3aef72d2213d9d38b2\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb\n Size/MD5: 29308 4174c5e062a927f5f4fd445bc3f2b7ce\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 9913748 ad706c2a0c670ea9bc6de7109211c8e4\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb\n Size/MD5: 72340 b19f20096548fc8981367cd9d431379f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb\n Size/MD5: 72762 faaacee4aa7e2fd7fa961a88c4b86d0f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb\n Size/MD5: 11192572 5adae55773b0ca8e438c7252046f705b\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb\n Size/MD5: 29308 ca6a787a65220583746b55366ae9ac44\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 4830218 0d3caf5b20aba2975f9f7e423c6b3b69\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb\n Size/MD5: 72332 099275f779e538dc54e913593084b7bc\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb\n Size/MD5: 72762 ee7361261892014edfc1a69365672c17\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb\n Size/MD5: 10687418 2a010333c02ed1112cbef0544cf73cf1\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb\n Size/MD5: 29308 5fb3d21190e1e8012b08b694c4b9239c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 4812772 94b728d013dee6371b8cc4ebef11430c\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb\n Size/MD5: 72340 6318359d26cfa32d4e1eeda6c8916aa4\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb\n Size/MD5: 72770 e5449bcbe442fa1385d7b2ecbc8c1831\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb\n Size/MD5: 11583662 a73467d63e46af2f21b2e46fa0f29797\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb\n Size/MD5: 29310 69a2c47902bb366a50c2bb3fa9053131\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 75512 a49a96a5d589e39a77720fe70706da03\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb\n Size/MD5: 29312 e66a94b78d1d6476b05736a82c4ed49c\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 2621 74297592edce6f55313193967daaebeb\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz\n Size/MD5: 155727 0e58cb5f9e5293c40564e944e50437a6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc\n Size/MD5: 2758 e6647365f000313a96f9a72b4dc8022f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz\n Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 29714 b4ee604ee0d4dbdc448a74f6f746528c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75716 8ec52b07f2b60dbb381909a6b7e5f039\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75964 69b4baf1c2b4ce75ced092dbdb44266b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75700 22bd34473ba1abe7501b247f7d8980b5\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75702 3dc765e62e9300dd5a57d512be2e3c3b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75700 1ae9b7c023259e8f9fa994c24efeb07f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75706 f4a1b34f657927ca5eaf15cf9976e336\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75704 80434fb6b98bd5ddafbd0d9d472b9416\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75698 1e6cffa413775771f086d3238ed84a6b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75722 b3dea417d76e06235b1f7c267d4871fe\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 76052 9c59d599f01a4af2337515c224164b11\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75718 70e6d5d57e356e78500d8558e6ec7f72\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 8938 3085a96f8f815fbb01b21dd67d4b423d\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75710 45b7c94ece697097b83adb8bc09b5769\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 8940 8d60975aeb324b31426a64d0a1485320\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 8930 e9c41de371986cf16137aa0a8baa1635\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75710 191d51d184569650814b7d1e87e808a3\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75720 f18da780b4b8e57685667bb94faeac19\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75726 6bef8a651c1763ca5fdd3140bd7ae915\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75714 408c0fa73ac828fa9acae2a7ff02e6f7\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75692 3c4f3ef8332997b0a72bda0e436ab0fe\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75708 c3f238accf868508d1d44a3984a0deda\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75722 41bf0606552717a9988db2bd929b3862\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75692 e27ae8b4a4875eff55fedd2c3da9499e\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75710 49ada82e615b86ac74f5880b656d8914\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 10675764 276cf6fd80197d8edf64b2c885c5e540\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb\n Size/MD5: 76196 ec574586607cd1da65dd5ee7c1f17317\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb\n Size/MD5: 12502768 ef8749c8ba4b15a29631f69baccf6984\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb\n Size/MD5: 29196 766569469e7d1d805a16b659607cb228\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 43286 e1e37c33ecc0918fcd518e5748c767e2\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb\n Size/MD5: 76198 06d415ebee45883afa9de06a4bf00ba2\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb\n Size/MD5: 11217372 c3ddffd8a035d3be397ffc112c17e0a9\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb\n Size/MD5: 29190 c59e1bbc03df75b63c72a956530ecdff\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 4794796 0f04c58b1898ef6ff8c42e9f696cf943\n http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb\n Size/MD5: 76192 ac0e4a03520b896085dbc4b1e524c397\n http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb\n Size/MD5: 10720482 e9459f2ddd0b28adc40e37bc46de87d8\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb\n Size/MD5: 29194 b5c356758ef5adb4468c85577660061a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 64642040 19a96c0ae2726790da3efb566ac4fdb0\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb\n Size/MD5: 29200 69d071a75fcd766841f7f428ec9eb806\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 7629538 5042de0cdebf36ad17e6485b966ec94f\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb\n Size/MD5: 29194 f154cda4e06288f639db4d6024c26695\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1205"
},
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "129524"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-43810",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=14422",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1205",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1612",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1837",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1755",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-3046",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1877",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1637",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-3045",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1846",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40472",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42317",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40547",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42314",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40302",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40336",
"trust": 1.8
},
{
"db": "BID",
"id": "41174",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#643615",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "48909",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "92011",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "91973",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "14422",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-69444",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91619",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-43810",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-1205",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40642",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92229",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129524",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92111",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92156",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "129524"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"id": "VAR-201006-1188",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43810"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T20:23:32.294000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "libpng Repair measures for memory corruption and denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126302"
},
{
"title": "Red Hat: Critical: seamonkey security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100546 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9"
},
{
"title": "Mozilla: Remote code execution using malformed PNG image",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=d846dfedec9f2e8b79ff9b299c65c005"
},
{
"title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1"
},
{
"title": "Red Hat: Critical: firefox security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100547 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-958-1"
},
{
"title": "Debian Security Advisories: DSA-2075-1 xulrunner -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=fa5c93137e44116ffb255e585f0961fc"
},
{
"title": "Ubuntu Security Notice: firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-957-1"
},
{
"title": "Ubuntu Security Notice: firefox, firefox-3.0, xulrunner-1.9.2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-957-2"
},
{
"title": "Ubuntu Security Notice: firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-930-4"
},
{
"title": "Ubuntu Security Notice: ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-930-5"
},
{
"title": "Exploit Development: Case Studies\nWindows\nUnix-like",
"trust": 0.1,
"url": "https://github.com/dyjakan/exploit-development-case-studies "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/sambacha/mirror-radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/StephenHaruna/RADAMSA "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/g60ocR/radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-Fuzzer "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/nqwang/radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/Hwangtaewon/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"trust": 1.9,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//aug/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/41174"
},
{
"trust": 1.8,
"url": "http://blackberry.com/btsc/kb27244"
},
{
"trust": 1.8,
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"trust": 1.8,
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4312"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4456"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4457"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4554"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4566"
},
{
"trust": 1.8,
"url": "http://trac.webkit.org/changeset/61816"
},
{
"trust": 1.8,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"trust": 1.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11851"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40302"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40336"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40472"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40547"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42314"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42317"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-960-1"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"trust": 1.5,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"trust": 1.1,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.8,
"url": "http://libpng.org/pub/png/libpng.html"
},
{
"trust": 0.8,
"url": "http://admin.fedoraproject.org/updates/libpng-1.2.44-1.fc13"
},
{
"trust": 0.8,
"url": "http://admin.fedoraproject.org/updates/libpng-1.2.44-1.fc12"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerability-has-been-identified-in-bigfix-platform-shipped-with-ibm-license-metric-tool-2/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48909"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0654"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2754"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2753"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1208"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1211"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2751"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1214"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2741"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2741"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1210"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1206"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1207"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1209"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1212"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2752"
},
{
"trust": 0.2,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1213"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0546"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/92011/libpng-1.4.2-denial-of-service.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/960-1/"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/14422/"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/643615"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-40.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-42.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-39.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-34.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-44.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40642/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-47.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-46.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40642/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40642"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0182"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5116"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5268"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5266"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1536"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-3108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-1536"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1664"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0338"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201412-11.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0720"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2877"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4995"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4995"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2877"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5268"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5116"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1664"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0360"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4029"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2060"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-6661"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201412-08.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2056"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2060"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5907"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6661"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0946"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2056"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2529"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4029"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1511"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1511"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2624"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0360"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2809"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4896"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2945"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-3005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0946"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5907"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2624"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1382"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.8.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.8.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-2-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-2-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1215"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2-libthai_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/abrowser_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5913"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1125"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/599796"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1201"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/559149"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1121"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1198"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1200"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1197"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1196"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1202"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1203"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "129524"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "129524"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-02T00:00:00",
"db": "CERT/CC",
"id": "VU#643615"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-43810"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"date": "2010-07-22T14:16:23",
"db": "PACKETSTORM",
"id": "92059"
},
{
"date": "2010-07-28T01:22:06",
"db": "PACKETSTORM",
"id": "92229"
},
{
"date": "2014-12-12T17:43:12",
"db": "PACKETSTORM",
"id": "129524"
},
{
"date": "2010-07-20T00:53:34",
"db": "PACKETSTORM",
"id": "91973"
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244"
},
{
"date": "2014-12-12T17:37:19",
"db": "PACKETSTORM",
"id": "129513"
},
{
"date": "2010-07-23T18:04:51",
"db": "PACKETSTORM",
"id": "92097"
},
{
"date": "2010-07-16T04:34:46",
"db": "PACKETSTORM",
"id": "91878"
},
{
"date": "2010-07-23T19:51:43",
"db": "PACKETSTORM",
"id": "92111"
},
{
"date": "2010-07-26T20:52:04",
"db": "PACKETSTORM",
"id": "92156"
},
{
"date": "2010-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"date": "2010-06-30T18:30:01.333000",
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#643615"
},
{
"date": "2020-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-43810"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"date": "2021-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "129524"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng fails to limit number of rows in header",
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
],
"trust": 0.6
}
}
VAR-201004-1006
Vulnerability from variot - Updated: 2026-03-09 20:23Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The vmnc.dll library lacks input checking when processing HexTile encoded video blocks. The user is tricked into opening a malformed AVI file to trigger a heap overflow, causing arbitrary code execution. Multiple VMware products are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. VMware's enterprise software, VMware ESX Server, runs directly on server hardware without requiring an additional underlying operating system". from wikipedia
II.
III. Binary Analysis & Proof-fo-concept
In-depth binary analysis of the vulnerability and a PoC have been released by VUPEN through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
V. CREDIT
The vulnerability was discovered by Sebastien Renaud of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
- VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. DISCLOSURE TIMELINE
2009-09-14 - Vendor notified 2009-09-14 - Vendor response 2009-10-09 - Status update received 2009-10-27 - Status update received 2010-01-29 - Status update received 2010-03-05 - Status update received 2010-03-31 - Status update received 2010-04-09 - Coordinated public Disclosure
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
This vulnerability is present only on Windows Guest Operating
Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any not affected
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x any 2.5.4 build 246459 or later
ACE 2.6.x Windows not affected
ACE 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any 2.0.2 build 203138 or later
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.6 build 246742 or later
ESXi 4.0 ESXi ESXi400-201002402-BG
ESXi 3.5 ESXi ESXe350-200912401-T-BG or later
ESX 4.0 ESX ESX400-201002401-BG
ESX 3.5 ESX ESX350-200912401-BG
ESX 3.0.3 ESX ESX303-201002203-UG
ESX 2.5.5 ESX Upgrade Patch 15
b. This vulnerability is present only on Windows Guest Operating Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x any 2.5.4 build 246459 or later
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion any any Mac OS/X not affected
ESXi any ESXi not applicable
ESX any ESX not applicable
e.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. VMware Remote Console format string vulnerability
VMware Remote Console (VMrc) contains a format string vulnerability.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.x Linux not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x Windows not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any any not affected
ESX any any not affected
h. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
i. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
NOTE: Other products and versions may also be affected.
====================================================================== 2) Severity
Rating: Highly critical Impact: System access Where: Remote
====================================================================== 3) Vendor's Description of Software
"VMware Workstation makes it simple to create and run multiple virtual machines on your desktop or laptop computer.
The vulnerability is caused by a boundary error in vmnc.dll when processing HexTile encoded video chunks and can be exploited to cause a heap-based buffer overflow.
====================================================================== 6) Time Table
14/09/2009 - Vendor notified. 14/09/2009 - Vendor response. 09/04/2010 - Public disclosure.
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-36/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
======================================================================
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "6.5.x"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"_id": null,
"model": "movie decoder",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"_id": null,
"model": "movie decoder",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "movie decoder",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.x"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "movie decoder",
"version": "6.5.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"_id": null,
"model": "movie decoder",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4"
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:movie_decoder",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
}
]
},
"credits": {
"_id": null,
"data": "Alin Rad Pop",
"sources": [
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 0.7
},
"cve": "CVE-2009-1564",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-1564",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "7d740430-463f-11e9-9b95-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "4698decc-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1564",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1564",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-153",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2009-1564",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The vmnc.dll library lacks input checking when processing HexTile encoded video blocks. The user is tricked into opening a malformed AVI file to trigger a heap overflow, causing arbitrary code execution. Multiple VMware products are prone to a heap-based buffer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. VMware\u0027s enterprise\nsoftware, VMware ESX Server, runs directly on server hardware\nwithout requiring an additional underlying operating system\". \nfrom wikipedia\n\n\nII. \n\n\nIII. Binary Analysis \u0026 Proof-fo-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a PoC\nhave been released by VUPEN through the VUPEN Binary Analysis\n\u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nV. CREDIT\n--------------\n\nThe vulnerability was discovered by Sebastien Renaud of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services/\n\n* VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nVIII. DISCLOSURE TIMELINE\n----------------------------------- \n\n2009-09-14 - Vendor notified\n2009-09-14 - Vendor response\n2009-10-09 - Status update received\n2009-10-27 - Status update received\n2010-01-29 - Status update received\n2010-03-05 - Status update received\n2010-03-31 - Status update received\n2010-04-09 - Coordinated public Disclosure\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. \n This vulnerability is present only on Windows Guest Operating\n Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to lure the user that is logged on a Windows Guest\n Operating System to click on the attacker\u0027s file on a network\n share. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any not affected\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x any 2.5.4 build 246459 or later\n\n ACE 2.6.x Windows not affected\n ACE 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any 2.0.2 build 203138 or later\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.6 build 246742 or later\n\n ESXi 4.0 ESXi ESXi400-201002402-BG\n ESXi 3.5 ESXi ESXe350-200912401-T-BG or later\n\n ESX 4.0 ESX ESX400-201002401-BG\n ESX 3.5 ESX ESX350-200912401-BG\n ESX 3.0.3 ESX ESX303-201002203-UG\n ESX 2.5.5 ESX Upgrade Patch 15\n\n b. This\n vulnerability is present only on Windows Guest Operating Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not applicable\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x any 2.5.4 build 246459 or later\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion any any Mac OS/X not affected\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n e. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. VMware Remote Console format string vulnerability\n\n VMware Remote Console (VMrc) contains a format string vulnerability. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.x Linux not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x Windows not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any any not affected\n\n ESX any any not affected\n\n h. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n i. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nNOTE: Other products and versions may also be affected. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System access\nWhere: Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"VMware Workstation makes it simple to create and run multiple virtual\nmachines on your desktop or laptop computer. \n\nThe vulnerability is caused by a boundary error in vmnc.dll when \nprocessing HexTile encoded video chunks and can be exploited to cause\na heap-based buffer overflow. \n\n====================================================================== \n6) Time Table \n\n14/09/2009 - Vendor notified. \n14/09/2009 - Vendor response. \n09/04/2010 - Public disclosure. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2009-36/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1564"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
}
],
"trust": 3.15
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2009-1564",
"trust": 4.1
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "39215",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "36712",
"trust": 2.5
},
{
"db": "BID",
"id": "39363",
"trust": 2.2
},
{
"db": "OSVDB",
"id": "63614",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1023838",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0565",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D740430-463F-11E9-9B95-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "4698DECC-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2009-1564",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88301",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88217",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"id": "VAR-201004-1006",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
}
]
},
"last_update_date": "2026-03-09T20:23:16.624000Z",
"patch": {
"_id": null,
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/164"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.7,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36712"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39215"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39363"
},
{
"trust": 1.9,
"url": "http://osvdb.org/63614"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023838"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.4,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.9,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1564"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "/archive/1/510643"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.2,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.2,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.2,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits/"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/mailing_lists/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/products/ws/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1",
"ident": null
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2010-0565",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2009-1564",
"ident": null
},
{
"db": "BID",
"id": "39363",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88301",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88215",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "88217",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2009-1564",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2010-04-12T00:00:00",
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1",
"ident": null
},
{
"date": "2010-04-12T00:00:00",
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2010-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0565",
"ident": null
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1564",
"ident": null
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39363",
"ident": null
},
{
"date": "2010-04-13T00:49:25",
"db": "PACKETSTORM",
"id": "88301",
"ident": null
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215",
"ident": null
},
{
"date": "2010-04-10T03:24:02",
"db": "PACKETSTORM",
"id": "88217",
"ident": null
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-153",
"ident": null
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001369",
"ident": null
},
{
"date": "2010-04-12T18:30:00.350000",
"db": "NVD",
"id": "CVE-2009-1564",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2010-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0565",
"ident": null
},
{
"date": "2010-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1564",
"ident": null
},
{
"date": "2010-04-12T20:13:00",
"db": "BID",
"id": "39363",
"ident": null
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-153",
"ident": null
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001369",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2009-1564",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "VMware VMnc Codec HexTile Coded Video Block Parsing Heap Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 1.2
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 1.0
}
}
VAR-200706-0666
Vulnerability from variot - Updated: 2026-03-09 20:03Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if the server-status reporting feature is disabled.An attacker could execute malicious scripts. The Apache HTTP Server mod_status module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: Hitachi Web Server Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA27421
VERIFY ADVISORY: http://secunia.com/advisories/27421/
CRITICAL: Less critical
IMPACT: Security Bypass, Cross Site Scripting
WHERE:
From remote
SOFTWARE: uCosminexus Application Server http://secunia.com/product/13819/ Hitachi Web Server 3.x http://secunia.com/product/13335/ Hitachi Web Server 2.x http://secunia.com/product/13334/ Hitachi Web Server 1.x http://secunia.com/product/13333/
DESCRIPTION: Some vulnerabilities have been reported in the Hitachi Web Server, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting attacks.
1) An error exists within the handling of SSL requests. This can be exploited to trick a vulnerable server into accepting a forged signature.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.5"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.39"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"_id": null,
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)5.0"
},
{
"_id": null,
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)4.2"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.7"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12"
},
{
"_id": null,
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6"
},
{
"_id": null,
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.3"
},
{
"_id": null,
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.2"
},
{
"_id": null,
"model": "http server unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.2"
},
{
"_id": null,
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.58"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"_id": null,
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "software foundation apache 2.3.38-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "software foundation apache 2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24645"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
}
]
},
"credits": {
"_id": null,
"data": "Stefan Esser\u203b s.esser@ematters.de",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
}
],
"trust": 0.6
},
"cve": "CVE-2006-5752",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-5752",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2007-000773",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-5752",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2007-000773",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2006-5752",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"description": {
"_id": null,
"data": "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified. When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if the server-status reporting feature is disabled.An attacker could execute malicious scripts. The Apache HTTP Server mod_status module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Web Server Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA27421\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27421/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nuCosminexus Application Server\nhttp://secunia.com/product/13819/\nHitachi Web Server 3.x\nhttp://secunia.com/product/13335/\nHitachi Web Server 2.x\nhttp://secunia.com/product/13334/\nHitachi Web Server 1.x\nhttp://secunia.com/product/13333/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in the Hitachi Web Server,\nwhich can be exploited by malicious people to bypass certain security\nrestrictions or conduct cross-site scripting attacks. \n\n1) An error exists within the handling of SSL requests. This can be\nexploited to trick a vulnerable server into accepting a forged\nsignature. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2006-5752",
"trust": 3.5
},
{
"db": "BID",
"id": "24645",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4305",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28212",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26458",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28224",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25873",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25827",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37052",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018302",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27421",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2006-5752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "HITACHI",
"id": "HS07-035",
"trust": 0.1
},
{
"db": "HITACHI",
"id": "HS07-034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60585",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"id": "VAR-200706-0666",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2026-03-09T20:03:11.768000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HS07-035",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-499-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2006-5752 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SecureAxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-79",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0534.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0533.html"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/24645"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=549159"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0532.html"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1500"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk49295\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:141"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:142"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018302"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25827"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25873"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26458"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28212"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28224"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4305"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37052"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35097"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10154"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 1.1,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5809"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/3666"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5752"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5809"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/27421"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-012.htm"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.6"
},
{
"trust": 0.3,
"url": "/archive/1/481830"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk49295"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2006-5752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/499-1/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13335/"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-034_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27421/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13333/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13819/"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-035_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13334/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2006-5752",
"ident": null
},
{
"db": "BID",
"id": "24645",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57506",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57505",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "60585",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "59939",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "57507",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58667",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-5752",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2007-06-27T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5752",
"ident": null
},
{
"date": "2007-06-26T00:00:00",
"db": "BID",
"id": "24645",
"ident": null
},
{
"date": "2007-07-07T04:30:58",
"db": "PACKETSTORM",
"id": "57506",
"ident": null
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505",
"ident": null
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759",
"ident": null
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"date": "2007-11-01T02:12:35",
"db": "PACKETSTORM",
"id": "60585",
"ident": null
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939",
"ident": null
},
{
"date": "2007-07-07T04:32:02",
"db": "PACKETSTORM",
"id": "57507",
"ident": null
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667",
"ident": null
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-491",
"ident": null
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000773",
"ident": null
},
{
"date": "2007-06-27T17:30:00",
"db": "NVD",
"id": "CVE-2006-5752",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2022-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5752",
"ident": null
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24645",
"ident": null
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-491",
"ident": null
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000773",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-5752",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
}
],
"trust": 0.6
}
}
VAR-200609-1782
Vulnerability from variot - Updated: 2026-03-07 23:17Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
Background
The Mozilla Network Security Service is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. This impacts any software using the NSS library, like the Mozilla products Firefox, Thunderbird and Seamonkey.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21996
VERIFY ADVISORY: http://secunia.com/advisories/21996/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Tavis Ormandy has reported some vulnerabilities in gzip, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can be used to modify certain stack data. tricking a user or automated system into unpacking a specially crafted archive file. tricking a user or automated system into unpacking a specially crafted "pack" archive file.
3) A buffer overflow within the "make_table()" function of gzip's LZH support can be exploited to cause a DoS and potentially to compromise a vulnerable system by e.g. tricking a user or automated system into unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and an infinite loop within the LZH handling can be exploited to cause a DoS by e.g. tricking a user or automated system into unpacking a specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5.
SOLUTION: Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES: US-CERT VU#554780: http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508: http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548: http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712: http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848 http://www.kb.cert.org/vuls/id/596848
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1191-1 security@debian.org http://www.debian.org/security/ Martin Schulze October 5th, 2006 http://www.debian.org/security/faq
Package : mozilla-thunderbird Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566 CVE-2006-4568 CVE-2006-4570 CVE-2006-4571 BugTraq ID : 20042
Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird.
CVE-2006-4340
Daniel Bleichenbacher recently described an implementation error
in RSA signature verification that cause the application to
incorrectly trust SSL certificates.
CVE-2006-4570
Georgi Guninski demonstrated that even with JavaScript disabled in
mail (the default) an attacker can still execute JavaScript when a
mail message is viewed, replied to, or forwarded.
For the stable distribution (sarge) these problems have been fixed in version 1.0.2-2.sarge1.0.8c.1.
For the unstable distribution (sid) these problems have been fixed in version 1.5.0.7-1.
We recommend that you upgrade your Mozilla Thunderbird packages.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc
Size/MD5 checksum: 1003 d7261fba347b9876e873f1d424e60190
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz
Size/MD5 checksum: 519315 066ed351050722c36274e3e837fd174f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz
Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 12855288 285e55a20445ea5dffe79de01baf788c
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 3280106 0206d9fe08e3da2d4bf919c6b2b54ec7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 152092 c5c984f0f11f94cb263f5bbef367de09
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 33520 ed7e6d825f630da666e07914527f2c75
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 89492 1e9ed565915dc4327e444ad999cc5daa
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 12258904 f40f86252184ce7360b2b9d1e58cef8f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 3281164 e4e2160d22d4721508f1762804b3b18b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 151124 a72d17f827929c9189f9ba96ff73c7a1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 33512 bbe0fe4a7e56a138c220790ab9de97a6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 89350 f2b7e1d1d4eb5f1abb2522ddbdb46ff5
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 10345146 4c171699433072d443eb7b35a2550fd2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 3272118 a52ad3d2cd1806e936374537e135d7db
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 143266 9dedbe9b5f45727a93cfccb5c99bf371
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 33522 14d1c0d0af46731075ea7c35c2900258
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 81318 81219b4c82896fab12427e42df1b2760
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 13570024 3a62ee11075402dfad030e2ede937191
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 3285124 e9cadee2d32b2bcb56b1278043e97da4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 153296 3fecaa707002afb1ba6854da724ad132
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 33520 83e537b9aff4d44fd958043298a1d7f2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 97390 c3ceeedcf00d99d34c7b5f424da7da63
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 11568436 af1de65bd715970c4432149aec80b2a2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 3507870 5dab89db24f1443fe782dc931f4ee0af
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 146732 bc52082cd1ab0f026c401204cd63b4a7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 33518 5d3c9700cce7b9c0261c246ed7b8afd4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 88084 e244c9c8b7224814774bef13f4213d4e
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 14628630 07bfcc171f449b86b9d62f903e29d506
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 3291260 d7186841974796f8f90be26700801a95
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 155452 e17eb664e56fcc0809dd36580f92cc1a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 33514 fc890529fdea5526a05ffd16b96f5956
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 107220 eb93528d586b050ecc3b60742b4fa344
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 10794842 fa716b92e3c7a9d67fad6fd453c78bb4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 3271690 d95eb910dd6d38de41c17fcb6b1c4696
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 145054 2b7570676e15cea809905c442f91b5e0
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 33550 3db6c520d1c489fb4e17501d19dececf
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 82556 32d25c11844a48ed963e3c5c51ff34fc
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 11948708 4f58ce9668da6a12b823edaa3c8b35b3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 3279410 e639b2bf43eda95d3ca3bb0b9aec6df7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 148042 cb6ee4a9bd4dec3166e48e356b9c3465
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 33524 2765555b00f4ed717b34e98c5c0d9c02
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 84748 0e934e90bb6bd47c7500fd665728ba27
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 11817078 4239077894c74444d33063229dd847df
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 3280416 ac165850436e63818da8fffe134628d1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 147600 ae6d7ff1b34dddab3d0c18d6e38bc77b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 33518 27bed1b95a4e34a291c7e67c6a9fdd37
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 84650 173fefc8b58b15398b3cccad2c812495
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 10912494 d13ec5b97f5fde0795e5f762330756f6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 3270108 dbd7eb3154db4a379fcfcda6b7d414b9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 145048 b9ab45845f58fb064d7d1ae449481db9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 33526 b5e07e26d215581b4cc0fea6d71beaf3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 81478 b57b8038afbfd5490a6cf847e740ab60
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 12705708 68195861caccd07a18a379ffe2e88403
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 3280614 38dec996622a4e1762a1ef683bba9c43
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 151436 b54ba7420653e63746d019b979f3ae76
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 33516 e24dafe27c103a8d40de9a905b052311
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 89290 9daa1eb634834e02aefde0a594bcd0f9
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 11181284 adedd4c6302ddb868a531810d226143a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 3275816 c38922ec47674939277e6984f87c0eb4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 144702 9183a627463aa564a0313d4d361d22f3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 33528 5f87736faa9ee0a9b10e29c48280798a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 83122 72966880dc02a1b472dcac7b1404fa58
These files will probably be moved into the stable distribution on its next update.
This update provides the latest Firefox to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571 http://www.mozilla.org/security/announce/2006/mfsa2006-57.html http://www.mozilla.org/security/announce/2006/mfsa2006-58.html http://www.mozilla.org/security/announce/2006/mfsa2006-59.html http://www.mozilla.org/security/announce/2006/mfsa2006-60.html http://www.mozilla.org/security/announce/2006/mfsa2006-61.html http://www.mozilla.org/security/announce/2006/mfsa2006-62.html http://www.mozilla.org/security/announce/2006/mfsa2006-64.html
Updated Packages:
Mandriva Linux 2006.0: 4e750ef25e44a1b493d2a61ad5f9a7a2 2006.0/i586/devhelp-0.10-7.2.20060mdk.i586.rpm e6cd690c11d4e8f352d2ce7bf0f7d4be 2006.0/i586/epiphany-1.8.5-4.2.20060mdk.i586.rpm b2f094942eca657f3dc7a8699cb8b776 2006.0/i586/epiphany-devel-1.8.5-4.2.20060mdk.i586.rpm c4ae8fc253aa1fe055ec4c1560205fab 2006.0/i586/epiphany-extensions-1.8.2-3.2.20060mdk.i586.rpm 08cde29a26e6ac2d0e3b629f660db9fe 2006.0/i586/galeon-2.0.1-1.2.20060mdk.i586.rpm 9c94b904a9f2c64090328edd73d0e1fa 2006.0/i586/libdevhelp-1_0-0.10-7.2.20060mdk.i586.rpm b5ad67818794371f50d63a611c79b45b 2006.0/i586/libdevhelp-1_0-devel-0.10-7.2.20060mdk.i586.rpm fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/i586/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm 770e8d6c5643c78f486ae2c115f7c740 2006.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm ffb123d21760cbba92a232dfb1150b7e 2006.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mdk.i586.rpm fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/i586/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/i586/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm 2596f8b787cea221c80a85fd0854f766 2006.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mdk.i586.rpm c912e48bd5138b8f42b24b3c34653a19 2006.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.i586.rpm 1a82466395715237df552070e51f6525 2006.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.i586.rpm 514de0cacb2462a8a6a26206ac18b617 2006.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.i586.rpm 70415104d0814a6e94c1997c0c464957 2006.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.i586.rpm c2b5a360abd1a8a3e78dd8e9df072b4c 2006.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.i586.rpm f8dd2e9e5a5e374782d9154b09ca7b7d 2006.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.i586.rpm a20a2bee8f26440b13294ef6247f66ec 2006.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.i586.rpm c60d356eddf74e8799b239a925b35953 2006.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.i586.rpm 5b4fbc76811530cfc20ef319daf2f577 2006.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.i586.rpm fdc7591dc15dce7e373f4e167fb2c769 2006.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.i586.rpm 00a17b297ea7b7ee31a3fca5d3109ffc 2006.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.i586.rpm 2bee9151bc0e40bf1ff22a9224643dcb 2006.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.i586.rpm 03285b22a86c82b8558467befb5fa04b 2006.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.i586.rpm f9dbe9c8d7b907e6c1a80f0bce2d9323 2006.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.i586.rpm 4e13ea6856a71514c569581e06515ae8 2006.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.i586.rpm 81b56a020127b1e9c41facb963e670be 2006.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.i586.rpm 3a14f0cee1271d5f4cfedc8967a2be45 2006.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.i586.rpm 9612ac69d69114d1da1dc1bfa6530d9b 2006.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.i586.rpm 9a47da16333b9c1d839e19420ab5c3a5 2006.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.i586.rpm ea5b214a43077114d8adaf184ba6ce61 2006.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.i586.rpm ebf899b39e850438dd4cfb1bbab9ba8d 2006.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.i586.rpm 18522be12bdda788de662d07d5a07e08 2006.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.i586.rpm 19a62453c05c0443aa2999a177d50dac 2006.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.i586.rpm 352aa6197b0b79025f5a71a3135d95c9 2006.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.i586.rpm 64b460d997ff70bf0ff50400c20a98e1 2006.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.i586.rpm 1f67f28a68d57baa96523ef05ccd1bbe 2006.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.i586.rpm f5b2681e10e6eb68e4fb9041262b65c5 2006.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.i586.rpm 8d47794342c430b50dc04f7d4c65cf9d 2006.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.i586.rpm d975c5d5ec3c8fed8846f02105ba4795 2006.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.i586.rpm 563d01331a992ec6ded54d5118bc10ad 2006.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.i586.rpm 4da569e782da6c5b98eab4862c335600 2006.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.i586.rpm 4a77a4d9b22704184694a1a0580440f5 2006.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.i586.rpm 0a153e8351a1ffdfadf067cdf9b2ee06 2006.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.i586.rpm e7ed42daf0c68890a34422d8f5b7dcf6 2006.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.i586.rpm 542ce6ba9713683b8a741ab921cd3e45 2006.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.i586.rpm 55c8c83ad72d6289bf1d45ea517b74ba 2006.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.i586.rpm 591beaf9e8abf8911f023fb147efe765 2006.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.i586.rpm 23b9d2502d7cb24aeea82f358a428ec2 2006.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.i586.rpm be8acdc18fe55ea8a9d0afc553bf21d3 2006.0/i586/yelp-2.10.0-6.2.20060mdk.i586.rpm 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 8f79a25451b9f41d48df89f996869cc7 2006.0/x86_64/devhelp-0.10-7.2.20060mdk.x86_64.rpm a9b851ddb7a77ee0f6d73c9a475658e0 2006.0/x86_64/epiphany-1.8.5-4.2.20060mdk.x86_64.rpm 606bb2a3ece209a7c260fd81d776c123 2006.0/x86_64/epiphany-devel-1.8.5-4.2.20060mdk.x86_64.rpm bb99bf7ed2e5608849cb9b0bcac49041 2006.0/x86_64/epiphany-extensions-1.8.2-3.2.20060mdk.x86_64.rpm 6caf5e05026177525d0d04225e5dcc4a 2006.0/x86_64/galeon-2.0.1-1.2.20060mdk.x86_64.rpm 2ef32f51f707beff08db88d61aab842d 2006.0/x86_64/lib64devhelp-1_0-0.10-7.2.20060mdk.x86_64.rpm 50b6716aa33e6065ce0ba0b107fb3a8c 2006.0/x86_64/lib64devhelp-1_0-devel-0.10-7.2.20060mdk.x86_64.rpm 0b3997e3f646af18f684fdce56194ae3 2006.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mdk.x86_64.rpm 75e63b4f3785b8c7fa4924d7f30be921 2006.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm cda6b659c2777c44fdde0ac3ab1fb11b 2006.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm 4f3e6424fa71a629be1b81415fe2b875 2006.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mdk.x86_64.rpm 7bd353454999969148524636267b68c5 2006.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/x86_64/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm 770e8d6c5643c78f486ae2c115f7c740 2006.0/x86_64/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/x86_64/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/x86_64/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm 561212c426f35a3e2393ad3acbf11bda 2006.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mdk.x86_64.rpm a4a76ca919cec68bef5ec0521e4185b2 2006.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.x86_64.rpm e23f698f02d78a8d8b2ac056e91f106a 2006.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.x86_64.rpm 1e815c45fb57ee56bd4d4258a8cda5ad 2006.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.x86_64.rpm 1c348254b80cec87c2b804825cdd8a5d 2006.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.x86_64.rpm 6eac0be09030f9ed629107600bcbf88f 2006.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.x86_64.rpm a06b4569f5392501df97fb209315782f 2006.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.x86_64.rpm 98aac82b44a66047d884b95f251cd6c5 2006.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.x86_64.rpm 9479078391f288562b612afff9cb994e 2006.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm 247dce39896e7230ffda5ca8bc58d736 2006.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.x86_64.rpm a86cb00b8b07cd45a1274ddc318de2bd 2006.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.x86_64.rpm 8ba8f4e4d9fcfef9f3cc4ac71b15c5df 2006.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.x86_64.rpm 4c477d0ef8c843b9416185508c9181a1 2006.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.x86_64.rpm 6e9c4c9c6ba8cfefd32e4d135943824d 2006.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.x86_64.rpm b8046ef3da338188287fa9a8ebfb9515 2006.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.x86_64.rpm 1609e86fa50ef7c5c3ef827bf47090e8 2006.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.x86_64.rpm 5cdf122cafadd7f2125d42246402e29d 2006.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.x86_64.rpm 75f82717c62d51d00ba25abcdf3e26a5 2006.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.x86_64.rpm 75b03be94bdea20dbbf361a3a295e4c9 2006.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.x86_64.rpm 672f36e40f7c5463b5e771bcaeae31af 2006.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.x86_64.rpm 8cf3e2082d406f71c4c7d3f638792e1e 2006.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.x86_64.rpm 4f0f77a0b9fd79a671857fd330933289 2006.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.x86_64.rpm b5c00962987efb764ea77e76c9734c79 2006.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.x86_64.rpm f788aefcdac5b098d8853a3ef4fe146c 2006.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.x86_64.rpm 4afff3966656a65b55290d08d446d864 2006.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.x86_64.rpm e63e4db3037a915ac24dca78e5ae8617 2006.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.x86_64.rpm 7e443e15233a3db5b76ae7c299d1e7d9 2006.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.x86_64.rpm 75ca84a45213c2d33d66b68c649dd875 2006.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.x86_64.rpm 7a8cd126f5f5c63d45efe79a1e78e94d 2006.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.x86_64.rpm 342155314a7801a1637d807e8ae8754d 2006.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.x86_64.rpm 359e5cb75905f2c08b49ecb1eccdf335 2006.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.x86_64.rpm fa480b18d46eaed805f8fe0c92f6a9fe 2006.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.x86_64.rpm 3233bb351b6c89deb25a6722df088e9a 2006.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.x86_64.rpm f1347555bb50e32c58ac3edba31f3d1a 2006.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.x86_64.rpm c20fd1c8861e74829879a63075fdf2f4 2006.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.x86_64.rpm 8c73daea2686e503d3367d112c4c691e 2006.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.x86_64.rpm 59d920837831e1a165ce19447066b4e5 2006.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.x86_64.rpm 869bea0fbfc6b2c65ab525d80aed03b9 2006.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.x86_64.rpm 1b867a3b0b7d8efd86377d0f0dcb67c3 2006.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.x86_64.rpm 12ab7912491456d673058667c8c0dc3a 2006.0/x86_64/yelp-2.10.0-6.2.20060mdk.x86_64.rpm 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm
Corporate 3.0: c106557de1e045e5840a453d710b63e7 corporate/3.0/i586/libnspr4-1.5.0.7-0.1.C30mdk.i586.rpm b5a3de7c01f7a4187f85bc66db242c67 corporate/3.0/i586/libnspr4-devel-1.5.0.7-0.1.C30mdk.i586.rpm 8d1cfeaf1cb031bc1ec4519994801b6a corporate/3.0/i586/libnspr4-static-devel-1.5.0.7-0.1.C30mdk.i586.rpm d08546a25f6e78701feed1d67d53fabd corporate/3.0/i586/libnss3-1.5.0.7-0.1.C30mdk.i586.rpm 3371ded40c0bd1a8e828d9e92aed09fd corporate/3.0/i586/libnss3-devel-1.5.0.7-0.1.C30mdk.i586.rpm 6d635b07ba60ed49fe27d4c633204520 corporate/3.0/i586/mozilla-firefox-1.5.0.7-0.1.C30mdk.i586.rpm aa83aaff11daa5889c9d36c928075341 corporate/3.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.i586.rpm 059c5de9e7a5f658cfbc692c913b3403 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.i586.rpm 63b8a1a7db1568964fe4dc1d32552f52 corporate/3.0/i586/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.i586.rpm cf48e548709250792e5a87c12db71cf1 corporate/3.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.i586.rpm 90c83713c4fd403c9999cf52c56eb282 corporate/3.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.i586.rpm 91279bd7d327c1a3bc0855cb06007f82 corporate/3.0/i586/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.i586.rpm 1fec2333c2988cc7cb7238d5bcf1812d corporate/3.0/i586/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.i586.rpm debf0c0ddd775793cd87fedcaefc5cf7 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.i586.rpm 6e9ec67c3a28bde55146ca1f475cb847 corporate/3.0/i586/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.i586.rpm 53c7defd9f6f8168990e4f4d4fa3a495 corporate/3.0/i586/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.i586.rpm 5ac67c7e12f4edd0429bc2f085e438e6 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.i586.rpm 5d4ac2f2cd3d6aecd52365e54aa85d66 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.i586.rpm aad00d0da3781f7165ed63df0276962d corporate/3.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.i586.rpm c531c8f33674e476980aa2cf112440bc corporate/3.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.i586.rpm 8f33047a9c560757a90831ea415ef814 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.i586.rpm ec0a957af4cd462f58c3d846a37d68b4 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.i586.rpm 1f8f0a6a7f962c1b1cf9d3dec38af0e2 corporate/3.0/i586/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.i586.rpm 354c14637e7df983f16903f46bf81171 corporate/3.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.i586.rpm b9fdd2f2db6f74ef240e23ace3a3a0c3 corporate/3.0/i586/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.i586.rpm 831a3b7c411cc716527dfe1c97d63de2 corporate/3.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.i586.rpm a89843c85143fa62e264f37df634b920 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.i586.rpm 382ff5621db369b06e9d76a41a4fa509 corporate/3.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.i586.rpm 4181358e7b0b84ff907bd5173be137d2 corporate/3.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.i586.rpm 6da617d32c9eb917180eddd62aeabf54 corporate/3.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.i586.rpm c0e559c0dc865c97435a918d77d690dd corporate/3.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.i586.rpm 05a64d9e97c0ec16b661d93e4c49ba93 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.i586.rpm ef2379b44f8e241a7811eee7031e9838 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.i586.rpm 08f36ddea8f0b8ad5decc76b6ebf7106 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.i586.rpm 9af857fcd8a7e98707ae77fcbd17e25d corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.i586.rpm 5b23c90450de3a6ee1b879dafb4e0ebb corporate/3.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.i586.rpm 646d7d7ca0374da1d90c77ff827b7a3b corporate/3.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.i586.rpm 25746d2ce3a97f620f1c098daef474ed corporate/3.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.i586.rpm fb12bfb159f9d9a291e838cb6994daa5 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.i586.rpm 962b2b084cde62a28341c177d006b755 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.i586.rpm 784906446777df1d03ba5ac75e790104 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.i586.rpm 543df7658745731ec6341a1d46901e5e corporate/3.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.i586.rpm ef4728e96d4c1dadc4e9286022c6fc1a corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.i586.rpm f974e234f39298065b5a120da2aad80f corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.i586.rpm da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm
Corporate 3.0/X86_64: 38e5d39281cf8fe28ae400ef6880ed82 corporate/3.0/x86_64/lib64nspr4-1.5.0.7-0.1.C30mdk.x86_64.rpm 8594d09e78d9ec76bed9bb5bf9065a9d corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 88ea20792afc414a8511312fc53c9973 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 0749638fca3fc55a0c84b374c8ddce4c corporate/3.0/x86_64/lib64nss3-1.5.0.7-0.1.C30mdk.x86_64.rpm 3bd450c319eada8936baad026c0e7edc corporate/3.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 86a6c461d4b783867fbf62dba98b76a0 corporate/3.0/x86_64/mozilla-firefox-1.5.0.7-0.1.C30mdk.x86_64.rpm fa3bdb060dc9933093cd59604e0e9770 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.x86_64.rpm cf50847d5e76e5a9b0cd9c48a156f919 corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.x86_64.rpm 5251818cebcf07fdb025aded5d99f092 corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.x86_64.rpm 1ae9e70895e0bfb45034d2cfa4c937b8 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.x86_64.rpm 3585c137dc33769069e8961fa5a7ae7b corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.x86_64.rpm e10f6d78aa54d325f8a38d7f8729f1ac corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.x86_64.rpm 62bd1fd39df7abf0ce81eb9d711f6d14 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.x86_64.rpm e34c011d455b576e4e27b20d4bc057db corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm aebe66911dac80623339aee380ec165a corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.x86_64.rpm 3c5f109ae088242966604dce6338f07b corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.x86_64.rpm 17ef425bc7fc131b9de3632fb92317d1 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.x86_64.rpm 15ea134fde2b507f46e6e4faf243135f corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.x86_64.rpm ce6f4aa7a0fb1ac425afc5d915bb392d corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.x86_64.rpm 13b0b693682e7def5e320473342cf4a0 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.x86_64.rpm d5fd81f204e46d15b6d1124376ab0930 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.x86_64.rpm cb389fc624d1961cf2ab00488bad7cef corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.x86_64.rpm 3cd572d77c055bf562c3678c513ff3c8 corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.x86_64.rpm ea7215256650d751ae2ce0d20812fa96 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.x86_64.rpm 57fcf8c6e9f251d3eb4f0096ca55cea3 corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.x86_64.rpm d7f6310911b7e049876f7b70c16b8ccc corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.x86_64.rpm 8c0b97b440922510631400b5aea900ac corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.x86_64.rpm 8045c85ca598518aff6c7ead8f3fbf61 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.x86_64.rpm 996d7bb252cf32b3ddce18a90b4bb8d9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.x86_64.rpm 5a3b346110144f79e05c20d13ac90663 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.x86_64.rpm c56729c0896b11a9e49875fe2b493872 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.x86_64.rpm da6306fcba9fba87d98f68208e752bf8 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.x86_64.rpm e94eca882ce53af3086bac6cf70076ea corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.x86_64.rpm 810bc3ca66d52d5537ece20a12679fec corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.x86_64.rpm c97bcde75d8118bb3d6c38428b811cc9 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.x86_64.rpm 629ec7999ae3fd23e36e2c6722847bbe corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.x86_64.rpm ad435041d1138f8a38a0a0739cff18d8 corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.x86_64.rpm f76501363a31bcd388f5edcc80881196 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.x86_64.rpm e400f4b7e77307c8c5ab1bc26691168a corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.x86_64.rpm 126f45e769e463182b4ade57183684c1 corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.x86_64.rpm 160b09d1c10d0b781d8c1a17779432ed corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.x86_64.rpm c5c363d0552c8365bf5dc6a0936d28b2 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.x86_64.rpm c4baf08469f1dbea8924429a7ec7b86e corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.x86_64.rpm b9ce84c78e92b6f5e75954ada2706722 corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.x86_64.rpm da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm
Corporate 4.0: 64a0356cc8f1b1ffcdfdef3d8d146cc5 corporate/4.0/i586/libnspr4-1.5.0.7-0.1.20060mlcs4.i586.rpm 3f0b705031d1e95280e8194338b2d381 corporate/4.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm 1bba2e76f21b670f44ba65f8c92b67e1 corporate/4.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm cb10e515e0fad365a81273a9b620cbc7 corporate/4.0/i586/libnss3-1.5.0.7-0.1.20060mlcs4.i586.rpm 3534b6f0e0b64686aee7b0758ec33daf corporate/4.0/i586/libnss3-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm c3aa90658d2adeb4e6543426c493a0fe corporate/4.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.i586.rpm 122e2ce3928dd2898118533f45f851e1 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.i586.rpm 3ade855a9fc71980eec72c8dbc107ae3 corporate/4.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.i586.rpm c189b7b4b54f4bdf040635750df007f8 corporate/4.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.i586.rpm 360d587d53e2a9c47dfff8a9137f1b4c corporate/4.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.i586.rpm c2fa5da5d44a5f70bb49d5b4ba7e86e6 corporate/4.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.i586.rpm 5df7bf2ff4059259ed0b5ea9f3587cc3 corporate/4.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.i586.rpm 278a321f6ee5928135585f03a05ae642 corporate/4.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.i586.rpm cd37b5dfe36b72fb482be5abc4bbbba7 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm 9b49e02711849a4babedfa63c6aadefb corporate/4.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.i586.rpm d8293192b06e5a91df8314ecba17880e corporate/4.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.i586.rpm 5839e97fa06cca289121be5f33e9286d corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.i586.rpm 34d184e85b53c369a713c08f66e601dc corporate/4.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.i586.rpm ab7b43c629095beee26dbb1381fbff9d corporate/4.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.i586.rpm 79cfc37305b6a3977d7c7333c7e883de corporate/4.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.i586.rpm 7e8f28d446d6e574d8a1521059c03144 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.i586.rpm 0d2dd482cc76fb0df96c0bc5f4fa5844 corporate/4.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.i586.rpm 58959b3a1d43cc2a666361804daa88f1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.i586.rpm ded59cf4be8835dc0ada86add049ed86 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.i586.rpm 8afd66b33e600714238e360a127df36e corporate/4.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.i586.rpm ef6a89b44e3b120f1bae29217728f196 corporate/4.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.i586.rpm 1532d01d8123e87ee1103292ed95f68d corporate/4.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.i586.rpm 8c0667ab59c15a9b66097f5e86df7220 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.i586.rpm bcec75d2b059d123d6c21dae29baee00 corporate/4.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.i586.rpm f5afdfd15e40f4ec6323a8cac098cb78 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.i586.rpm 1544a7236d6a10521f89234feaff9435 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.i586.rpm 53834f537b0eacd3bb59a2ccc6a40ea6 corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.i586.rpm 70171f6ba3c24b51ec29be154e129bce corporate/4.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.i586.rpm 4e64eee4ed44068cb9db5c77730c71b8 corporate/4.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.i586.rpm d990c04de7c285225c51067ff92d8a58 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.i586.rpm 04ee85bd5b28b12466bcd8189d4ae480 corporate/4.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.i586.rpm 222528603f2d88e4e46178620328ac7e corporate/4.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.i586.rpm caacac0ace4c80fbf0d917ea95070114 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.i586.rpm e4aabb47eacf2bcbb517e6890935d4e9 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.i586.rpm e55300aa65e586aba56e5b75c3d0f0d7 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.i586.rpm 8d857f4d255e86e4b1db933ab75a88b5 corporate/4.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.i586.rpm 0d4998a9483e67ad0a484d8535950401 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.i586.rpm 0677248472dd1f219ac4c633b3ae8427 corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.i586.rpm 025ee723e8a157de742313163d8199e6 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.i586.rpm 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: e9362e7e9d164dcf20ac2dd178057783 corporate/4.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 27152d5c4d45cfe65038b90014f4b128 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a520a8169e6f7fa9636c7434820263cc corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 73fa1146e61ddf2baea07f4e51b247a2 corporate/4.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 77c656121a9efaefb5bf8bea7416a190 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 1353fe3c1c7740891cca051691f2a844 corporate/4.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 6e547a34386d9220269f6971df84459b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 37bd5e53ce8bd1196991a1d48c7d3fc2 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.x86_64.rpm d8efb7b371fa3bc9d7dbda4d82bcea69 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a4eb36d0ed16b308bf8146758468f720 corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 1f3f6299c228a51c39dd9036d501baf3 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b7ed3aee73652f317d41612746b7f79e corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.x86_64.rpm aa5e7732031b216f6cc4552b7e5bfe22 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b99863ae0bc816222fec7afd596b4b38 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 22b5ef994c3f38b7b5a63808f0ef9c47 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a5033ebf881cab82e063df8ffe29e22b corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 387dfb400ed59319e932a19e2dd4fe09 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 2a114b7e832d12fad87f2ad76ed89a7d corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm eced7a780c5f758eef5a0f71f43ed261 corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 854bc6729675ed8670330f3da1e520b2 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b73ac49803411c5afb96d87cde8a89c9 corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.x86_64.rpm ca9a93da5b7f4dfc1eca188267891a66 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 267f8dc1ca9e04115050a311eebd00f1 corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 516850fa1de5417fdb96ab50fee1504f corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm ec13f241ff41c46590e31fd8339ffae7 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 00eddff4c17ce23c148cbb2bfd27bc59 corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 896cc9b5af7e66ddbf67ad819083a9aa corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 52a752441fc870f33e792860ec328ecd corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b418b4371503ed9502ca7eab01c6d86e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 801a63774bfd94ac7e292b97bc1c88a6 corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 4998a34e227bcd0de4c64a08198cda13 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 0f809660f4c1e45133fc01003acee854 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm da3f053868769c3d1705158b925a3312 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b53c13931bdcebb9dec07ccb7512cc0d corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 431f220901edaf32f504ee6dfd7d8262 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 45d21d5351be8762640ae3038458c6b8 corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 3bb59b3ca297d90181276683db70ceb7 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.x86_64.rpm cce30e727a3dba740a537ec0040248f2 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 7221b6655d4061eb29ed5150f87b3706 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm dd7c39076b8bb01d1b4432ba9cb29f12 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.x86_64.rpm cacf45d88765c0c26d7256e5f392c2df corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 703558369cbe9e4920eab509134d3a7e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 817fd873fb5f997916d61b2cf078d2c3 corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm fe95060a37a586f98f5c3683131a9ef2 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFEdnKmqjQ0CJFipgRAhScAJ0RtvKW8TDID20kGA742yYkfDv3WQCfViA3 9+1bS5rPZJ+d2lgArDu9umE= =7N0A -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig38FF09D81E6F0DF2DC736FD8 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable
Gentoo Linux Security Advisory GLSA 200609-19
http://security.gentoo.org/
Severity: Normal Title: Mozilla Firefox: Multiple vulnerabilities Date: September 28, 2006 Bugs: #147652 ID: 200609-19
Synopsis =3D=3D=3D=3D=3D=3D=3D=3D
The Mozilla Foundation has reported numerous vulnerabilities in Mozilla Firefox, including one that may allow execution of arbitrary code.
Background =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Mozilla Firefox is a redesign of the Mozilla Navigator component. The goal is to produce a cross-platform, stand-alone browser application.
Affected packages =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/mozilla-firefox < 1.5.0.7 >=3D 1.5.0.7=
2 www-client/mozilla-firefox-bin < 1.5.0.7 >=3D 1.5.0.7=
-------------------------------------------------------------------
2 affected packages on all of their supported architectures.
-------------------------------------------------------------------
Description =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
A number of vulnerabilities were found and fixed in Mozilla Firefox. For details please consult the references below.
Impact =3D=3D=3D=3D=3D=3D
The most severe vulnerability involves enticing a user to visit a malicious website, crashing the browser and executing arbitrary code with the rights of the user running the application.
Workaround =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
There is no known workaround at this time.
Resolution =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose=20
">=3Dwww-client/mozilla-firefox-1.5.0.7"
Users of the binary package should upgrade as well:
# emerge --sync
# emerge --ask --oneshot --verbose=20
">=3Dwww-client/mozilla-firefox-bin-1.5.0.7"
References =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
[ 1 ] CVE-2006-4253 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4253 [ 2 ] CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4340 [ 3 ] CVE-2006-4565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4565 [ 4 ] CVE-2006-4566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4566 [ 5 ] CVE-2006-4567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4567 [ 6 ] CVE-2006-4568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4568 [ 7 ] CVE-2006-4569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4569 [ 8 ] CVE-2006-4571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4571
Availability =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200609-19.xml
Concerns? =3D=3D=3D=3D=3D=3D=3D=3D=3D
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License =3D=3D=3D=3D=3D=3D=3D
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA06-333A
Apple Releases Security Update to Address Multiple Vulnerabilities
Original release date: November 29, 2006 Last revised: -- Source: US-CERT
Systems Affected
* Apple Mac OS X version 10.3.x and 10.4.x
* Apple Mac OS X Server version 10.3.x and 10.4.x
* Apple Safari web browser
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple has released Security Update 2006-007 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.
I. Description
Apple Security Update 2006-007 addresses a number of vulnerabilities affecting Mac OS X, OS X Server, Safari web browser, and other products. Further details are available in the related vulnerability notes.
This security update also addresses previously known vulnerabilities in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL vulnerabilities page. Information about the vulnerabilities in gzip is available in a series of vulnerability notes.
II. Impact
The impacts of these vulnerabilities vary. For specific details, see the appropriate vulnerability notes. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. Solution
Install updates
Install Apple Security Update 2006-007.
IV. References
* Vulnerability Notes for Apple Security Update 2006-007 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>
* Vulnerability Notes for OpenSSL Security Advisory [28th September
2006] -
http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928
* Vulnerability Note VU#845620 -
<http://www.kb.cert.org/vuls/id/845620>
* Vulnerability Note VU#933712 -
<http://www.kb.cert.org/vuls/id/933712>
* Vulnerability Note VU#381508 -
<http://www.kb.cert.org/vuls/id/381508>
* Vulnerability Note VU#554780 -
<http://www.kb.cert.org/vuls/id/554780>
* Vulnerability Note VU#596848 -
<http://www.kb.cert.org/vuls/id/596848>
* Vulnerability Note VU#773548 -
<http://www.kb.cert.org/vuls/id/773548>
* About the security content of Security Update 2006-007 -
<http://docs.info.apple.com/article.html?artnum=304829>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Apple Downloads - <http://www.apple.com/support/downloads/>
* OpenSSL: OpenSSL vulnerabilities -
<http://www.openssl.org/news/vulnerabilities.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-333A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA06-333A Feedback VU#191336" in the subject.
Produced 2006 by US-CERT, a government organization.
Terms of use:
http://www.us-cert.gov/legal.html
Revision History
November 29, 2006: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6 lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7 xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf 8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg== =f7N+ -----END PGP SIGNATURE----- . Other vulnerabilities include program crashes and the acceptance of forged certificates.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1782",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": "firefox",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "network security services",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "3.11.2"
},
{
"model": "seamonkey",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"model": "thunderbird",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 x86 for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 x86 for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 x86 for )"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:network_security_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:mozilla",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4340",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2006-4340",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4340",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4340",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773548",
"trust": 0.8,
"value": "1.57"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4340",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\nBackground\n==========\n\nThe Mozilla Network Security Service is a library implementing security\nfeatures like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,\nS/MIME and X.509 certificates. This impacts any software using the NSS library, like the\nMozilla products Firefox, Thunderbird and Seamonkey. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21996\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21996/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nTavis Ormandy has reported some vulnerabilities in gzip, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially compromise a vulnerable system. \n\n1) A boundary error within the \"make_table()\" function in unlzh.c can\nbe used to modify certain stack data. tricking\na user or automated system into unpacking a specially crafted archive\nfile. tricking a user or\nautomated system into unpacking a specially crafted \"pack\" archive\nfile. \n\n3) A buffer overflow within the \"make_table()\" function of gzip\u0027s LZH\nsupport can be exploited to cause a DoS and potentially to compromise\na vulnerable system by e.g. tricking a user or automated system into\nunpacking an archive containing a specially crafted decoding table. \n\n4) A NULL pointer dereference within the \"huft_build()\" function and\nan infinite loop within the LZH handling can be exploited to cause a\nDoS by e.g. tricking a user or automated system into unpacking a\nspecially crafted archive file. \n\nThe vulnerabilities have been reported in version 1.3.5. \n\nSOLUTION:\nDo not unpack untrusted archive files. \n\nPROVIDED AND/OR DISCOVERED BY:\nTavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676\n\nOTHER REFERENCES:\nUS-CERT VU#554780:\nhttp://www.kb.cert.org/vuls/id/554780\n\nUS-CERT VU#381508:\nhttp://www.kb.cert.org/vuls/id/381508\n\nUS-CERT VU#773548:\nhttp://www.kb.cert.org/vuls/id/773548\n\nUS-CERT VU#933712:\nhttp://www.kb.cert.org/vuls/id/933712\n\nUS-CERT VU#596848\nhttp://www.kb.cert.org/vuls/id/596848\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1191-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nOctober 5th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-thunderbird\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566\n CVE-2006-4568 CVE-2006-4570 CVE-2006-4571\nBugTraq ID : 20042\n\nSeveral security related problems have been discovered in Mozilla and\nderived products such as Mozilla Thunderbird. \n\nCVE-2006-4340\n\n Daniel Bleichenbacher recently described an implementation error\n in RSA signature verification that cause the application to\n incorrectly trust SSL certificates. \n\nCVE-2006-4570\n\n Georgi Guninski demonstrated that even with JavaScript disabled in\n mail (the default) an attacker can still execute JavaScript when a\n mail message is viewed, replied to, or forwarded. \n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.0.2-2.sarge1.0.8c.1. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5.0.7-1. \n\nWe recommend that you upgrade your Mozilla Thunderbird packages. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc\n Size/MD5 checksum: 1003 d7261fba347b9876e873f1d424e60190\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz\n Size/MD5 checksum: 519315 066ed351050722c36274e3e837fd174f\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz\n Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 12855288 285e55a20445ea5dffe79de01baf788c\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 3280106 0206d9fe08e3da2d4bf919c6b2b54ec7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 152092 c5c984f0f11f94cb263f5bbef367de09\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 33520 ed7e6d825f630da666e07914527f2c75\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 89492 1e9ed565915dc4327e444ad999cc5daa\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 12258904 f40f86252184ce7360b2b9d1e58cef8f\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 3281164 e4e2160d22d4721508f1762804b3b18b\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 151124 a72d17f827929c9189f9ba96ff73c7a1\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 33512 bbe0fe4a7e56a138c220790ab9de97a6\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 89350 f2b7e1d1d4eb5f1abb2522ddbdb46ff5\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 10345146 4c171699433072d443eb7b35a2550fd2\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 3272118 a52ad3d2cd1806e936374537e135d7db\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 143266 9dedbe9b5f45727a93cfccb5c99bf371\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 33522 14d1c0d0af46731075ea7c35c2900258\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 81318 81219b4c82896fab12427e42df1b2760\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 13570024 3a62ee11075402dfad030e2ede937191\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 3285124 e9cadee2d32b2bcb56b1278043e97da4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 153296 3fecaa707002afb1ba6854da724ad132\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 33520 83e537b9aff4d44fd958043298a1d7f2\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 97390 c3ceeedcf00d99d34c7b5f424da7da63\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 11568436 af1de65bd715970c4432149aec80b2a2\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 3507870 5dab89db24f1443fe782dc931f4ee0af\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 146732 bc52082cd1ab0f026c401204cd63b4a7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 33518 5d3c9700cce7b9c0261c246ed7b8afd4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 88084 e244c9c8b7224814774bef13f4213d4e\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 14628630 07bfcc171f449b86b9d62f903e29d506\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 3291260 d7186841974796f8f90be26700801a95\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 155452 e17eb664e56fcc0809dd36580f92cc1a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 33514 fc890529fdea5526a05ffd16b96f5956\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 107220 eb93528d586b050ecc3b60742b4fa344\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 10794842 fa716b92e3c7a9d67fad6fd453c78bb4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 3271690 d95eb910dd6d38de41c17fcb6b1c4696\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 145054 2b7570676e15cea809905c442f91b5e0\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 33550 3db6c520d1c489fb4e17501d19dececf\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 82556 32d25c11844a48ed963e3c5c51ff34fc\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 11948708 4f58ce9668da6a12b823edaa3c8b35b3\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 3279410 e639b2bf43eda95d3ca3bb0b9aec6df7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 148042 cb6ee4a9bd4dec3166e48e356b9c3465\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 33524 2765555b00f4ed717b34e98c5c0d9c02\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 84748 0e934e90bb6bd47c7500fd665728ba27\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 11817078 4239077894c74444d33063229dd847df\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 3280416 ac165850436e63818da8fffe134628d1\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 147600 ae6d7ff1b34dddab3d0c18d6e38bc77b\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 33518 27bed1b95a4e34a291c7e67c6a9fdd37\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 84650 173fefc8b58b15398b3cccad2c812495\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 10912494 d13ec5b97f5fde0795e5f762330756f6\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 3270108 dbd7eb3154db4a379fcfcda6b7d414b9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 145048 b9ab45845f58fb064d7d1ae449481db9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 33526 b5e07e26d215581b4cc0fea6d71beaf3\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 81478 b57b8038afbfd5490a6cf847e740ab60\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 12705708 68195861caccd07a18a379ffe2e88403\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 3280614 38dec996622a4e1762a1ef683bba9c43\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 151436 b54ba7420653e63746d019b979f3ae76\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 33516 e24dafe27c103a8d40de9a905b052311\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 89290 9daa1eb634834e02aefde0a594bcd0f9\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 11181284 adedd4c6302ddb868a531810d226143a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 3275816 c38922ec47674939277e6984f87c0eb4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 144702 9183a627463aa564a0313d4d361d22f3\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 33528 5f87736faa9ee0a9b10e29c48280798a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 83122 72966880dc02a1b472dcac7b1404fa58\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n This update provides the latest Firefox to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571\n http://www.mozilla.org/security/announce/2006/mfsa2006-57.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-58.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-59.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-60.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-61.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-62.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-64.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 4e750ef25e44a1b493d2a61ad5f9a7a2 2006.0/i586/devhelp-0.10-7.2.20060mdk.i586.rpm\n e6cd690c11d4e8f352d2ce7bf0f7d4be 2006.0/i586/epiphany-1.8.5-4.2.20060mdk.i586.rpm\n b2f094942eca657f3dc7a8699cb8b776 2006.0/i586/epiphany-devel-1.8.5-4.2.20060mdk.i586.rpm\n c4ae8fc253aa1fe055ec4c1560205fab 2006.0/i586/epiphany-extensions-1.8.2-3.2.20060mdk.i586.rpm\n 08cde29a26e6ac2d0e3b629f660db9fe 2006.0/i586/galeon-2.0.1-1.2.20060mdk.i586.rpm\n 9c94b904a9f2c64090328edd73d0e1fa 2006.0/i586/libdevhelp-1_0-0.10-7.2.20060mdk.i586.rpm\n b5ad67818794371f50d63a611c79b45b 2006.0/i586/libdevhelp-1_0-devel-0.10-7.2.20060mdk.i586.rpm\n fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/i586/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm\n 770e8d6c5643c78f486ae2c115f7c740 2006.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n ffb123d21760cbba92a232dfb1150b7e 2006.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/i586/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm\n 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/i586/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 2596f8b787cea221c80a85fd0854f766 2006.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mdk.i586.rpm\n c912e48bd5138b8f42b24b3c34653a19 2006.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.i586.rpm\n 1a82466395715237df552070e51f6525 2006.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.i586.rpm\n 514de0cacb2462a8a6a26206ac18b617 2006.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.i586.rpm\n 70415104d0814a6e94c1997c0c464957 2006.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.i586.rpm\n c2b5a360abd1a8a3e78dd8e9df072b4c 2006.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.i586.rpm\n f8dd2e9e5a5e374782d9154b09ca7b7d 2006.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.i586.rpm\n a20a2bee8f26440b13294ef6247f66ec 2006.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.i586.rpm\n c60d356eddf74e8799b239a925b35953 2006.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 5b4fbc76811530cfc20ef319daf2f577 2006.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.i586.rpm\n fdc7591dc15dce7e373f4e167fb2c769 2006.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.i586.rpm\n 00a17b297ea7b7ee31a3fca5d3109ffc 2006.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.i586.rpm\n 2bee9151bc0e40bf1ff22a9224643dcb 2006.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.i586.rpm\n 03285b22a86c82b8558467befb5fa04b 2006.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.i586.rpm\n f9dbe9c8d7b907e6c1a80f0bce2d9323 2006.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.i586.rpm\n 4e13ea6856a71514c569581e06515ae8 2006.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.i586.rpm\n 81b56a020127b1e9c41facb963e670be 2006.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.i586.rpm\n 3a14f0cee1271d5f4cfedc8967a2be45 2006.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.i586.rpm\n 9612ac69d69114d1da1dc1bfa6530d9b 2006.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.i586.rpm\n 9a47da16333b9c1d839e19420ab5c3a5 2006.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.i586.rpm\n ea5b214a43077114d8adaf184ba6ce61 2006.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.i586.rpm\n ebf899b39e850438dd4cfb1bbab9ba8d 2006.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.i586.rpm\n 18522be12bdda788de662d07d5a07e08 2006.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.i586.rpm\n 19a62453c05c0443aa2999a177d50dac 2006.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.i586.rpm\n 352aa6197b0b79025f5a71a3135d95c9 2006.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.i586.rpm\n 64b460d997ff70bf0ff50400c20a98e1 2006.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.i586.rpm\n 1f67f28a68d57baa96523ef05ccd1bbe 2006.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.i586.rpm\n f5b2681e10e6eb68e4fb9041262b65c5 2006.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.i586.rpm\n 8d47794342c430b50dc04f7d4c65cf9d 2006.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.i586.rpm\n d975c5d5ec3c8fed8846f02105ba4795 2006.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.i586.rpm\n 563d01331a992ec6ded54d5118bc10ad 2006.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.i586.rpm\n 4da569e782da6c5b98eab4862c335600 2006.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.i586.rpm\n 4a77a4d9b22704184694a1a0580440f5 2006.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.i586.rpm\n 0a153e8351a1ffdfadf067cdf9b2ee06 2006.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.i586.rpm\n e7ed42daf0c68890a34422d8f5b7dcf6 2006.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.i586.rpm\n 542ce6ba9713683b8a741ab921cd3e45 2006.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.i586.rpm\n 55c8c83ad72d6289bf1d45ea517b74ba 2006.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.i586.rpm\n 591beaf9e8abf8911f023fb147efe765 2006.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.i586.rpm\n 23b9d2502d7cb24aeea82f358a428ec2 2006.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.i586.rpm\n be8acdc18fe55ea8a9d0afc553bf21d3 2006.0/i586/yelp-2.10.0-6.2.20060mdk.i586.rpm \n 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm\n bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm\n b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm\n 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm\n 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm\n 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm\n 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 8f79a25451b9f41d48df89f996869cc7 2006.0/x86_64/devhelp-0.10-7.2.20060mdk.x86_64.rpm\n a9b851ddb7a77ee0f6d73c9a475658e0 2006.0/x86_64/epiphany-1.8.5-4.2.20060mdk.x86_64.rpm\n 606bb2a3ece209a7c260fd81d776c123 2006.0/x86_64/epiphany-devel-1.8.5-4.2.20060mdk.x86_64.rpm\n bb99bf7ed2e5608849cb9b0bcac49041 2006.0/x86_64/epiphany-extensions-1.8.2-3.2.20060mdk.x86_64.rpm\n 6caf5e05026177525d0d04225e5dcc4a 2006.0/x86_64/galeon-2.0.1-1.2.20060mdk.x86_64.rpm\n 2ef32f51f707beff08db88d61aab842d 2006.0/x86_64/lib64devhelp-1_0-0.10-7.2.20060mdk.x86_64.rpm\n 50b6716aa33e6065ce0ba0b107fb3a8c 2006.0/x86_64/lib64devhelp-1_0-devel-0.10-7.2.20060mdk.x86_64.rpm\n 0b3997e3f646af18f684fdce56194ae3 2006.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75e63b4f3785b8c7fa4924d7f30be921 2006.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n cda6b659c2777c44fdde0ac3ab1fb11b 2006.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4f3e6424fa71a629be1b81415fe2b875 2006.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7bd353454999969148524636267b68c5 2006.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/x86_64/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm\n 770e8d6c5643c78f486ae2c115f7c740 2006.0/x86_64/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/x86_64/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm\n 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/x86_64/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 561212c426f35a3e2393ad3acbf11bda 2006.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a4a76ca919cec68bef5ec0521e4185b2 2006.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.x86_64.rpm\n e23f698f02d78a8d8b2ac056e91f106a 2006.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1e815c45fb57ee56bd4d4258a8cda5ad 2006.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1c348254b80cec87c2b804825cdd8a5d 2006.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 6eac0be09030f9ed629107600bcbf88f 2006.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a06b4569f5392501df97fb209315782f 2006.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 98aac82b44a66047d884b95f251cd6c5 2006.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 9479078391f288562b612afff9cb994e 2006.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 247dce39896e7230ffda5ca8bc58d736 2006.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a86cb00b8b07cd45a1274ddc318de2bd 2006.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8ba8f4e4d9fcfef9f3cc4ac71b15c5df 2006.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4c477d0ef8c843b9416185508c9181a1 2006.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 6e9c4c9c6ba8cfefd32e4d135943824d 2006.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.x86_64.rpm\n b8046ef3da338188287fa9a8ebfb9515 2006.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1609e86fa50ef7c5c3ef827bf47090e8 2006.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 5cdf122cafadd7f2125d42246402e29d 2006.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75f82717c62d51d00ba25abcdf3e26a5 2006.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75b03be94bdea20dbbf361a3a295e4c9 2006.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 672f36e40f7c5463b5e771bcaeae31af 2006.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8cf3e2082d406f71c4c7d3f638792e1e 2006.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4f0f77a0b9fd79a671857fd330933289 2006.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.x86_64.rpm\n b5c00962987efb764ea77e76c9734c79 2006.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.x86_64.rpm\n f788aefcdac5b098d8853a3ef4fe146c 2006.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4afff3966656a65b55290d08d446d864 2006.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.x86_64.rpm\n e63e4db3037a915ac24dca78e5ae8617 2006.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7e443e15233a3db5b76ae7c299d1e7d9 2006.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75ca84a45213c2d33d66b68c649dd875 2006.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7a8cd126f5f5c63d45efe79a1e78e94d 2006.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 342155314a7801a1637d807e8ae8754d 2006.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 359e5cb75905f2c08b49ecb1eccdf335 2006.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.x86_64.rpm\n fa480b18d46eaed805f8fe0c92f6a9fe 2006.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 3233bb351b6c89deb25a6722df088e9a 2006.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n f1347555bb50e32c58ac3edba31f3d1a 2006.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n c20fd1c8861e74829879a63075fdf2f4 2006.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8c73daea2686e503d3367d112c4c691e 2006.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 59d920837831e1a165ce19447066b4e5 2006.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 869bea0fbfc6b2c65ab525d80aed03b9 2006.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1b867a3b0b7d8efd86377d0f0dcb67c3 2006.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 12ab7912491456d673058667c8c0dc3a 2006.0/x86_64/yelp-2.10.0-6.2.20060mdk.x86_64.rpm \n 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm\n bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm\n b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm\n 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm\n 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm\n 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm\n 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm\n\n Corporate 3.0:\n c106557de1e045e5840a453d710b63e7 corporate/3.0/i586/libnspr4-1.5.0.7-0.1.C30mdk.i586.rpm\n b5a3de7c01f7a4187f85bc66db242c67 corporate/3.0/i586/libnspr4-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 8d1cfeaf1cb031bc1ec4519994801b6a corporate/3.0/i586/libnspr4-static-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n d08546a25f6e78701feed1d67d53fabd corporate/3.0/i586/libnss3-1.5.0.7-0.1.C30mdk.i586.rpm\n 3371ded40c0bd1a8e828d9e92aed09fd corporate/3.0/i586/libnss3-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 6d635b07ba60ed49fe27d4c633204520 corporate/3.0/i586/mozilla-firefox-1.5.0.7-0.1.C30mdk.i586.rpm\n aa83aaff11daa5889c9d36c928075341 corporate/3.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.i586.rpm\n 059c5de9e7a5f658cfbc692c913b3403 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.i586.rpm\n 63b8a1a7db1568964fe4dc1d32552f52 corporate/3.0/i586/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.i586.rpm\n cf48e548709250792e5a87c12db71cf1 corporate/3.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.i586.rpm\n 90c83713c4fd403c9999cf52c56eb282 corporate/3.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.i586.rpm\n 91279bd7d327c1a3bc0855cb06007f82 corporate/3.0/i586/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.i586.rpm\n 1fec2333c2988cc7cb7238d5bcf1812d corporate/3.0/i586/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.i586.rpm\n debf0c0ddd775793cd87fedcaefc5cf7 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 6e9ec67c3a28bde55146ca1f475cb847 corporate/3.0/i586/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.i586.rpm\n 53c7defd9f6f8168990e4f4d4fa3a495 corporate/3.0/i586/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.i586.rpm\n 5ac67c7e12f4edd0429bc2f085e438e6 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.i586.rpm\n 5d4ac2f2cd3d6aecd52365e54aa85d66 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.i586.rpm\n aad00d0da3781f7165ed63df0276962d corporate/3.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.i586.rpm\n c531c8f33674e476980aa2cf112440bc corporate/3.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.i586.rpm\n 8f33047a9c560757a90831ea415ef814 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.i586.rpm\n ec0a957af4cd462f58c3d846a37d68b4 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.i586.rpm\n 1f8f0a6a7f962c1b1cf9d3dec38af0e2 corporate/3.0/i586/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.i586.rpm\n 354c14637e7df983f16903f46bf81171 corporate/3.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.i586.rpm\n b9fdd2f2db6f74ef240e23ace3a3a0c3 corporate/3.0/i586/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.i586.rpm\n 831a3b7c411cc716527dfe1c97d63de2 corporate/3.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.i586.rpm\n a89843c85143fa62e264f37df634b920 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.i586.rpm\n 382ff5621db369b06e9d76a41a4fa509 corporate/3.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.i586.rpm\n 4181358e7b0b84ff907bd5173be137d2 corporate/3.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.i586.rpm\n 6da617d32c9eb917180eddd62aeabf54 corporate/3.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.i586.rpm\n c0e559c0dc865c97435a918d77d690dd corporate/3.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.i586.rpm\n 05a64d9e97c0ec16b661d93e4c49ba93 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.i586.rpm\n ef2379b44f8e241a7811eee7031e9838 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.i586.rpm\n 08f36ddea8f0b8ad5decc76b6ebf7106 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.i586.rpm\n 9af857fcd8a7e98707ae77fcbd17e25d corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.i586.rpm\n 5b23c90450de3a6ee1b879dafb4e0ebb corporate/3.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.i586.rpm\n 646d7d7ca0374da1d90c77ff827b7a3b corporate/3.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.i586.rpm\n 25746d2ce3a97f620f1c098daef474ed corporate/3.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.i586.rpm\n fb12bfb159f9d9a291e838cb6994daa5 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.i586.rpm\n 962b2b084cde62a28341c177d006b755 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.i586.rpm\n 784906446777df1d03ba5ac75e790104 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.i586.rpm\n 543df7658745731ec6341a1d46901e5e corporate/3.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.i586.rpm\n ef4728e96d4c1dadc4e9286022c6fc1a corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.i586.rpm\n f974e234f39298065b5a120da2aad80f corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.i586.rpm \n da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm\n 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 38e5d39281cf8fe28ae400ef6880ed82 corporate/3.0/x86_64/lib64nspr4-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8594d09e78d9ec76bed9bb5bf9065a9d corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 88ea20792afc414a8511312fc53c9973 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 0749638fca3fc55a0c84b374c8ddce4c corporate/3.0/x86_64/lib64nss3-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3bd450c319eada8936baad026c0e7edc corporate/3.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 86a6c461d4b783867fbf62dba98b76a0 corporate/3.0/x86_64/mozilla-firefox-1.5.0.7-0.1.C30mdk.x86_64.rpm\n fa3bdb060dc9933093cd59604e0e9770 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.x86_64.rpm\n cf50847d5e76e5a9b0cd9c48a156f919 corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 5251818cebcf07fdb025aded5d99f092 corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 1ae9e70895e0bfb45034d2cfa4c937b8 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3585c137dc33769069e8961fa5a7ae7b corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e10f6d78aa54d325f8a38d7f8729f1ac corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 62bd1fd39df7abf0ce81eb9d711f6d14 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e34c011d455b576e4e27b20d4bc057db corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n aebe66911dac80623339aee380ec165a corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3c5f109ae088242966604dce6338f07b corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 17ef425bc7fc131b9de3632fb92317d1 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 15ea134fde2b507f46e6e4faf243135f corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ce6f4aa7a0fb1ac425afc5d915bb392d corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 13b0b693682e7def5e320473342cf4a0 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.x86_64.rpm\n d5fd81f204e46d15b6d1124376ab0930 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.x86_64.rpm\n cb389fc624d1961cf2ab00488bad7cef corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3cd572d77c055bf562c3678c513ff3c8 corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ea7215256650d751ae2ce0d20812fa96 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 57fcf8c6e9f251d3eb4f0096ca55cea3 corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.x86_64.rpm\n d7f6310911b7e049876f7b70c16b8ccc corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8c0b97b440922510631400b5aea900ac corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8045c85ca598518aff6c7ead8f3fbf61 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 996d7bb252cf32b3ddce18a90b4bb8d9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 5a3b346110144f79e05c20d13ac90663 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c56729c0896b11a9e49875fe2b493872 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n da6306fcba9fba87d98f68208e752bf8 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e94eca882ce53af3086bac6cf70076ea corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 810bc3ca66d52d5537ece20a12679fec corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c97bcde75d8118bb3d6c38428b811cc9 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 629ec7999ae3fd23e36e2c6722847bbe corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ad435041d1138f8a38a0a0739cff18d8 corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.x86_64.rpm\n f76501363a31bcd388f5edcc80881196 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e400f4b7e77307c8c5ab1bc26691168a corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 126f45e769e463182b4ade57183684c1 corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 160b09d1c10d0b781d8c1a17779432ed corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c5c363d0552c8365bf5dc6a0936d28b2 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c4baf08469f1dbea8924429a7ec7b86e corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.x86_64.rpm\n b9ce84c78e92b6f5e75954ada2706722 corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.x86_64.rpm \n da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm\n 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm\n\n Corporate 4.0:\n 64a0356cc8f1b1ffcdfdef3d8d146cc5 corporate/4.0/i586/libnspr4-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3f0b705031d1e95280e8194338b2d381 corporate/4.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1bba2e76f21b670f44ba65f8c92b67e1 corporate/4.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n cb10e515e0fad365a81273a9b620cbc7 corporate/4.0/i586/libnss3-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3534b6f0e0b64686aee7b0758ec33daf corporate/4.0/i586/libnss3-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c3aa90658d2adeb4e6543426c493a0fe corporate/4.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 122e2ce3928dd2898118533f45f851e1 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3ade855a9fc71980eec72c8dbc107ae3 corporate/4.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c189b7b4b54f4bdf040635750df007f8 corporate/4.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 360d587d53e2a9c47dfff8a9137f1b4c corporate/4.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c2fa5da5d44a5f70bb49d5b4ba7e86e6 corporate/4.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 5df7bf2ff4059259ed0b5ea9f3587cc3 corporate/4.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 278a321f6ee5928135585f03a05ae642 corporate/4.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.i586.rpm\n cd37b5dfe36b72fb482be5abc4bbbba7 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 9b49e02711849a4babedfa63c6aadefb corporate/4.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.i586.rpm\n d8293192b06e5a91df8314ecba17880e corporate/4.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 5839e97fa06cca289121be5f33e9286d corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 34d184e85b53c369a713c08f66e601dc corporate/4.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ab7b43c629095beee26dbb1381fbff9d corporate/4.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 79cfc37305b6a3977d7c7333c7e883de corporate/4.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 7e8f28d446d6e574d8a1521059c03144 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0d2dd482cc76fb0df96c0bc5f4fa5844 corporate/4.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 58959b3a1d43cc2a666361804daa88f1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ded59cf4be8835dc0ada86add049ed86 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8afd66b33e600714238e360a127df36e corporate/4.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ef6a89b44e3b120f1bae29217728f196 corporate/4.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1532d01d8123e87ee1103292ed95f68d corporate/4.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8c0667ab59c15a9b66097f5e86df7220 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.i586.rpm\n bcec75d2b059d123d6c21dae29baee00 corporate/4.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n f5afdfd15e40f4ec6323a8cac098cb78 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1544a7236d6a10521f89234feaff9435 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 53834f537b0eacd3bb59a2ccc6a40ea6 corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 70171f6ba3c24b51ec29be154e129bce corporate/4.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 4e64eee4ed44068cb9db5c77730c71b8 corporate/4.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.i586.rpm\n d990c04de7c285225c51067ff92d8a58 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 04ee85bd5b28b12466bcd8189d4ae480 corporate/4.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 222528603f2d88e4e46178620328ac7e corporate/4.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.i586.rpm\n caacac0ace4c80fbf0d917ea95070114 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n e4aabb47eacf2bcbb517e6890935d4e9 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n e55300aa65e586aba56e5b75c3d0f0d7 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8d857f4d255e86e4b1db933ab75a88b5 corporate/4.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0d4998a9483e67ad0a484d8535950401 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0677248472dd1f219ac4c633b3ae8427 corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 025ee723e8a157de742313163d8199e6 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.i586.rpm \n 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm\n d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n e9362e7e9d164dcf20ac2dd178057783 corporate/4.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 27152d5c4d45cfe65038b90014f4b128 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a520a8169e6f7fa9636c7434820263cc corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 73fa1146e61ddf2baea07f4e51b247a2 corporate/4.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 77c656121a9efaefb5bf8bea7416a190 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 1353fe3c1c7740891cca051691f2a844 corporate/4.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 6e547a34386d9220269f6971df84459b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 37bd5e53ce8bd1196991a1d48c7d3fc2 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n d8efb7b371fa3bc9d7dbda4d82bcea69 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a4eb36d0ed16b308bf8146758468f720 corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 1f3f6299c228a51c39dd9036d501baf3 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b7ed3aee73652f317d41612746b7f79e corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n aa5e7732031b216f6cc4552b7e5bfe22 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b99863ae0bc816222fec7afd596b4b38 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 22b5ef994c3f38b7b5a63808f0ef9c47 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a5033ebf881cab82e063df8ffe29e22b corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 387dfb400ed59319e932a19e2dd4fe09 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 2a114b7e832d12fad87f2ad76ed89a7d corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n eced7a780c5f758eef5a0f71f43ed261 corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 854bc6729675ed8670330f3da1e520b2 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b73ac49803411c5afb96d87cde8a89c9 corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n ca9a93da5b7f4dfc1eca188267891a66 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 267f8dc1ca9e04115050a311eebd00f1 corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 516850fa1de5417fdb96ab50fee1504f corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n ec13f241ff41c46590e31fd8339ffae7 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 00eddff4c17ce23c148cbb2bfd27bc59 corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 896cc9b5af7e66ddbf67ad819083a9aa corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 52a752441fc870f33e792860ec328ecd corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b418b4371503ed9502ca7eab01c6d86e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 801a63774bfd94ac7e292b97bc1c88a6 corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 4998a34e227bcd0de4c64a08198cda13 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 0f809660f4c1e45133fc01003acee854 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n da3f053868769c3d1705158b925a3312 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b53c13931bdcebb9dec07ccb7512cc0d corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 431f220901edaf32f504ee6dfd7d8262 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 45d21d5351be8762640ae3038458c6b8 corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 3bb59b3ca297d90181276683db70ceb7 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n cce30e727a3dba740a537ec0040248f2 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 7221b6655d4061eb29ed5150f87b3706 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n dd7c39076b8bb01d1b4432ba9cb29f12 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n cacf45d88765c0c26d7256e5f392c2df corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 703558369cbe9e4920eab509134d3a7e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 817fd873fb5f997916d61b2cf078d2c3 corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n fe95060a37a586f98f5c3683131a9ef2 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.x86_64.rpm \n 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm\n d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFEdnKmqjQ0CJFipgRAhScAJ0RtvKW8TDID20kGA742yYkfDv3WQCfViA3\n9+1bS5rPZJ+d2lgArDu9umE=\n=7N0A\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. This is an OpenPGP/MIME signed message (RFC 2440 and 3156)\n--------------enig38FF09D81E6F0DF2DC736FD8\nContent-Type: text/plain; charset=ISO-8859-1; format=flowed\nContent-Transfer-Encoding: quoted-printable\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200609-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Mozilla Firefox: Multiple vulnerabilities\n Date: September 28, 2006\n Bugs: #147652\n ID: 200609-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=3D=3D=3D=3D=3D=3D=3D=3D\n\nThe Mozilla Foundation has reported numerous vulnerabilities in Mozilla\nFirefox, including one that may allow execution of arbitrary code. \n\nBackground\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nMozilla Firefox is a redesign of the Mozilla Navigator component. The\ngoal is to produce a cross-platform, stand-alone browser application. \n\nAffected packages\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/mozilla-firefox \u003c 1.5.0.7 \u003e=3D 1.5.0.7=\n\n 2 www-client/mozilla-firefox-bin \u003c 1.5.0.7 \u003e=3D 1.5.0.7=\n\n -------------------------------------------------------------------\n 2 affected packages on all of their supported architectures. \n -------------------------------------------------------------------\n\nDescription\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nA number of vulnerabilities were found and fixed in Mozilla Firefox. \nFor details please consult the references below. \n\nImpact\n=3D=3D=3D=3D=3D=3D\n\nThe most severe vulnerability involves enticing a user to visit a\nmalicious website, crashing the browser and executing arbitrary code\nwith the rights of the user running the application. \n\nWorkaround\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nThere is no known workaround at this time. \n\nResolution\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose=20\n\"\u003e=3Dwww-client/mozilla-firefox-1.5.0.7\"\n\nUsers of the binary package should upgrade as well:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose=20\n\"\u003e=3Dwww-client/mozilla-firefox-bin-1.5.0.7\"\n\nReferences\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\n [ 1 ] CVE-2006-4253\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4253\n [ 2 ] CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4340\n [ 3 ] CVE-2006-4565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4565\n [ 4 ] CVE-2006-4566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4566\n [ 5 ] CVE-2006-4567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4567\n [ 6 ] CVE-2006-4568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4568\n [ 7 ] CVE-2006-4569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4569\n [ 8 ] CVE-2006-4571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4571\n\nAvailability\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200609-19.xml\n\nConcerns?\n=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=3D=3D=3D=3D=3D=3D=3D\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-333A\n\n\nApple Releases Security Update to Address Multiple Vulnerabilities\n\n Original release date: November 29, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Apple Mac OS X version 10.3.x and 10.4.x\n * Apple Mac OS X Server version 10.3.x and 10.4.x\n * Apple Safari web browser\n\n These vulnerabilities affect both Intel-based and PowerPC-based Apple\n systems. \n\n\nOverview\n\n Apple has released Security Update 2006-007 to correct multiple\n vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web\n browser. Vulnerabilities in OpenSSL, gzip, and other products are also\n addressed. Attackers may take\n advantage of the less serious vulnerabilities to bypass security\n restrictions or cause a denial of service. \n\n\nI. Description\n\n Apple Security Update 2006-007 addresses a number of vulnerabilities\n affecting Mac OS X, OS X Server, Safari web browser, and other\n products. Further details are available in the related vulnerability\n notes. \n\n This security update also addresses previously known vulnerabilities\n in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL\n vulnerabilities page. Information about the vulnerabilities in gzip is\n available in a series of vulnerability notes. \n\n\nII. Impact\n\n The impacts of these vulnerabilities vary. For specific details, see\n the appropriate vulnerability notes. Potential consequences include\n remote execution of arbitrary code or commands, bypass of security\n restrictions, and denial of service. \n\n\nIII. Solution\n\nInstall updates\n\n Install Apple Security Update 2006-007. \n\n\nIV. References\n\n * Vulnerability Notes for Apple Security Update 2006-007 -\n \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e\n\n * Vulnerability Notes for OpenSSL Security Advisory [28th September\n 2006] -\n\u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e\n\n * Vulnerability Note VU#845620 -\n \u003chttp://www.kb.cert.org/vuls/id/845620\u003e\n\n * Vulnerability Note VU#933712 -\n \u003chttp://www.kb.cert.org/vuls/id/933712\u003e\n\n * Vulnerability Note VU#381508 -\n \u003chttp://www.kb.cert.org/vuls/id/381508\u003e\n\n * Vulnerability Note VU#554780 -\n \u003chttp://www.kb.cert.org/vuls/id/554780\u003e\n\n * Vulnerability Note VU#596848 -\n \u003chttp://www.kb.cert.org/vuls/id/596848\u003e\n\n * Vulnerability Note VU#773548 -\n \u003chttp://www.kb.cert.org/vuls/id/773548\u003e\n\n * About the security content of Security Update 2006-007 -\n \u003chttp://docs.info.apple.com/article.html?artnum=304829\u003e\n\n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n\n * Apple Downloads - \u003chttp://www.apple.com/support/downloads/\u003e\n\n * OpenSSL: OpenSSL vulnerabilities -\n \u003chttp://www.openssl.org/news/vulnerabilities.html\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-333A.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-333A Feedback VU#191336\" in the\n subject. \n _________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n\n _________________________________________________________________\n\n Revision History\n\n November 29, 2006: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6\nlJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz\niN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7\nxr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf\n8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q\nA580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==\n=f7N+\n-----END PGP SIGNATURE-----\n. \nOther vulnerabilities include program crashes and the acceptance of\nforged certificates. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
}
],
"trust": 5.49
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4340",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.8
},
{
"db": "BID",
"id": "22083",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#773548",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016859",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016858",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016860",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23883",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21916",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22992",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22055",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22088",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22274",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22001",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21903",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22849",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22056",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22247",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22025",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22422",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22195",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22342",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22299",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22210",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22074",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0293",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3622",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1198",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3617",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0083",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-312A",
"trust": 1.0
},
{
"db": "AUSCERT",
"id": "ESB-2007.0014",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "BID",
"id": "20042",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557",
"trust": 0.8
},
{
"db": "BID",
"id": "19849",
"trust": 0.3
},
{
"db": "CERT/CC",
"id": "VU#554780",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#933712",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#596848",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#381508",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "21996",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "51021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50366",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50727",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50269",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50537",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52708",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50630",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"id": "VAR-200609-1782",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2026-03-07T23:17:30.881000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00774579"
},
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
},
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02156.html"
},
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02153.html"
},
{
"title": "seamonkey (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=984"
},
{
"title": "mfsa2006-60",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"title": "mfsa2006-60",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2006/mfsa2006-60.html"
},
{
"title": "RHSA-2006:0675",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0675.html"
},
{
"title": "RHSA-2006:0676",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0676.html"
},
{
"title": "RHSA-2006:0677",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0677.html"
},
{
"title": "102781",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"title": "RHSA-2006:0675",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0675J.html"
},
{
"title": "RHSA-2006:0676",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0676J.html"
},
{
"title": "RHSA-2006:0677",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0677J.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.5,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 1.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4340"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-01.xml"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1192"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22088"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1191"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-354-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3617"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-350-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-361-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22849"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016859"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21939"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:169"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0677.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:168"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21903"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21915"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22025"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22247"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-312a.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0676.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22001"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0293"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21950"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-351-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22056"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22195"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30098"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1210"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11007"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-640"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21916"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23883"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22342"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-352-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22299"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22210"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22992"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016858"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016860"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22422"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3622"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22274"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1198"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22074"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0675.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22055"
},
{
"trust": 0.8,
"url": "http://www.gzip.org/"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/7179"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3617"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4340"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21906/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20042"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.3,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.3,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.3,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4565"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4566"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4571"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4253"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4567"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-64.html"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-57.html"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4570"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-58.html"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-06.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4220/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21996/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-63.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4571"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4566"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2788"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4340"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4565"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4568"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4570"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-61.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4569"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-62.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4568"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4567"
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4253"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4565"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4568"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/845620\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/vulnerabilities.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#safari\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#773548"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51021"
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50178"
},
{
"date": "2006-10-02T23:40:01",
"db": "PACKETSTORM",
"id": "50366"
},
{
"date": "2006-10-09T03:08:57",
"db": "PACKETSTORM",
"id": "50727"
},
{
"date": "2006-09-26T19:59:02",
"db": "PACKETSTORM",
"id": "50269"
},
{
"date": "2006-10-04T00:43:37",
"db": "PACKETSTORM",
"id": "50537"
},
{
"date": "2006-12-06T02:47:36",
"db": "PACKETSTORM",
"id": "52708"
},
{
"date": "2006-10-04T22:41:23",
"db": "PACKETSTORM",
"id": "50630"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"date": "2006-09-15T18:07:00",
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#773548"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "gzip contains a .bss buffer overflow in its LZH handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
VAR-200712-0594
Vulnerability from variot - Updated: 2026-03-07 22:07Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. This issue affects the following: - The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0 - The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. =========================================================== Ubuntu Security Notice USN-575-1 February 04, 2008 apache2 vulnerabilities CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-mpm-perchild 2.0.55-4ubuntu2.3 apache2-mpm-prefork 2.0.55-4ubuntu2.3 apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10: apache2-mpm-perchild 2.0.55-4ubuntu4.2 apache2-mpm-prefork 2.0.55-4ubuntu4.2 apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04: apache2-mpm-event 2.2.3-3.2ubuntu2.1 apache2-mpm-perchild 2.2.3-3.2ubuntu2.1 apache2-mpm-prefork 2.2.3-3.2ubuntu2.1 apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.1 apache2-mpm-perchild 2.2.4-3ubuntu0.1 apache2-mpm-prefork 2.2.4-3ubuntu0.1 apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. A remote attacker could send Apache crafted date headers and cause a denial of service via application crash. By default, mod_proxy is disabled in Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available, allowed for cross-site scripting attacks. By default, mod_status is disabled in Ubuntu. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to dereference a NULL pointer. A remote attacker could send a crafted request and cause a denial of service via application crash. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0 O/KXRt/gdgAAug5/9/aFGGA= =YkQ1 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "1.3.39"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 1.1,
"vendor": "turbolinux",
"version": "11"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 1.1,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.3"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.2"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "8"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.10"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.23"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.31"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise edition"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition version 4"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition"
},
{
"_id": null,
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition version 4"
},
{
"_id": null,
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"_id": null,
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"_id": null,
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"_id": null,
"model": "wanbooster",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux as (v.4)"
},
{
"_id": null,
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux es (v.4)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "1.0 (hosting)"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "1.0 (workgroup)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "11 (x64)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "8"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.60"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.1"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "2.2.7-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "1.3.40-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.51"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"_id": null,
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.53"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1"
},
{
"_id": null,
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.01"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"_id": null,
"model": "2.0.62-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"_id": null,
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.39"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86-64"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"_id": null,
"model": "2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "26838"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:wanbooster",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_application_stack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
]
},
"credits": {
"_id": null,
"data": "Apache Software Foundation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5000",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-5000",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2007-000819",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-5000",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2007-000819",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-135",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-5000",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"description": {
"_id": null,
"data": "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThis issue affects the following:\n- The \u0027mod_imagemap\u0027 module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0\n- The \u0027mod_imap\u0027 module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. =========================================================== \nUbuntu Security Notice USN-575-1 February 04, 2008\napache2 vulnerabilities\nCVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,\nCVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-mpm-perchild 2.0.55-4ubuntu2.3\n apache2-mpm-prefork 2.0.55-4ubuntu2.3\n apache2-mpm-worker 2.0.55-4ubuntu2.3\n\nUbuntu 6.10:\n apache2-mpm-perchild 2.0.55-4ubuntu4.2\n apache2-mpm-prefork 2.0.55-4ubuntu4.2\n apache2-mpm-worker 2.0.55-4ubuntu4.2\n\nUbuntu 7.04:\n apache2-mpm-event 2.2.3-3.2ubuntu2.1\n apache2-mpm-perchild 2.2.3-3.2ubuntu2.1\n apache2-mpm-prefork 2.2.3-3.2ubuntu2.1\n apache2-mpm-worker 2.2.3-3.2ubuntu2.1\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.1\n apache2-mpm-perchild 2.2.4-3ubuntu0.1\n apache2-mpm-prefork 2.2.4-3ubuntu0.1\n apache2-mpm-worker 2.2.4-3ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Apache did not sanitize the Expect header from\nan HTTP request when it is reflected back in an error message, which\ncould result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing server output\nduring a crafted server request, a remote attacker could exploit this\nto modify the contents, or steal confidential data (such as passwords),\nwithin the same domain. This was only vulnerable in Ubuntu 6.06. A remote\nattacker could send Apache crafted date headers and cause a denial of\nservice via application crash. By default, mod_proxy is disabled in\nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a\ncharacter set, which could result in browsers becoming vulnerable\nto cross-site scripting attacks when processing the output. By\ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available,\nallowed for cross-site scripting attacks. By default, mod_status is\ndisabled in Ubuntu. By default,\nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to\ndereference a NULL pointer. A remote attacker could send a crafted\nrequest and cause a denial of service via application crash. By\ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only\nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz\n Size/MD5: 121305 10359a467847b63f8d6603081450fece\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc\n Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb\n Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 171402 3b7567107864cf36953e7911a4851738\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 172186 85a591ea061cbc727fc261b046781502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 94240 b80027348754c493312269f7410b38fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 285664 76f4879738a0a788414316581ac2010b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 144250 3cd8327429958569a306257da57e8be0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 786052 7bdddb451607eeb2abb9706641675397\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 215932 bee4a6e00371117203647fd3a311658a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 219800 aaf4968deba24912e4981f35a367a086\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 93282 1ae6def788c74750d79055784c0d8006\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 267832 96c149638daeb993250b18c9f4285abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz\n Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc\n Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb\n Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 145340 109c93408c5197be50960cce80c23b7c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209552 8a23207211e54b138d5a87c15c097908\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 171636 07616e459905bad152a8669c8f670436\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 222022 e37ef7d710800e568d838242d3129725\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 208354 0a571678c269d1da06787dac56567f1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212052 90754ccdcd95e652413426376078d223\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz\n Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc\n Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 971426 30db1106dfea5106da54d2287c02a380\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 403974 65a11cfaee921517445cf74ed04df701\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434308 2073137bb138dc52bbace666714f4e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 343774 880faca3543426734431c29de77c3048\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz\n Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc\n Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 278032 4f8270cff0a532bd059741b366047da9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 435354 f3557e1a87154424e9144cf672110e93\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8\n\n. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0\nO/KXRt/gdgAAug5/9/aFGGA=\n=YkQ1\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-5000",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "28046",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "28073",
"trust": 2.5
},
{
"db": "BID",
"id": "26838",
"trust": 2.0
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4201",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0178",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0809",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4202",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1875",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0084",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4301",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1224",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0398",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29988",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28081",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28471",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28375",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28526",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28607",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28525",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32800",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29806",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31142",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28196",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1019093",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "39134",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVN80057925",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-5000",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72120",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"id": "VAR-200712-0594",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2026-03-07T22:07:50.677000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Fixed in Apache httpd 1.3.41",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.41"
},
{
"title": "Fixed in Apache httpd 2.0.63",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.63"
},
{
"title": "Fixed in Apache httpd 2.2.8",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.8"
},
{
"title": "Revision 603282",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=603282"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-en"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "httpd-2.2.3-11.3.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=94"
},
{
"title": "interstage_as_200801",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200801.html"
},
{
"title": "JVN#80057925",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-80057925.html"
},
{
"title": "HS07-042",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-042_e/index-e.html"
},
{
"title": "HPSBUX02308",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01345501"
},
{
"title": "4019245",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"title": "PK58024",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024"
},
{
"title": "PK65782",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK65782"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61015"
},
{
"title": "PK63273",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026context=SSEQTJ\u0026uid=swg1PK63273\u0026loc=en_US\u0026cs=utf-8\u0026cc=US\u0026lang=all"
},
{
"title": "7005198",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27005198#60"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007033#60227"
},
{
"title": "1205",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1205"
},
{
"title": "1224",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1224"
},
{
"title": "1221",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1221"
},
{
"title": "NV07-013",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv07-013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0004.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0005.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0006.html"
},
{
"title": "RHSA-2008:0007",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0007.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0008.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "233623",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"title": "TLSA-2007-56",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-56.txt"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
},
{
"title": "Debian CVElist Bug Report Logs: apache2: CVE-2007-4465",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8a7503dd359ab44b424a9918eb8a6f66"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SecureAxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28046"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28073"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58024"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58074"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/26838"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1019093"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28081"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28196"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28375"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28471"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28525"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28607"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28750"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/39134"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29806"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29988"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31142"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0178"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4202"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4301"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4201"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0084"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0398"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1875/references"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32800"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01345501"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39002"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39001"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9539"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/4201"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/4202"
},
{
"trust": 0.8,
"url": "http://jvn.jp/en/jp/jvn80057925/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5000"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.0.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.by3b3q..t.dhzu.1jro.hzoeej00"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/support.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4887"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2007-5000",
"ident": null
},
{
"db": "BID",
"id": "26838",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "63262",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62720",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "89987",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62719",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62721",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "63217",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "72120",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-5000",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2007-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5000",
"ident": null
},
{
"date": "2007-12-12T00:00:00",
"db": "BID",
"id": "26838",
"ident": null
},
{
"date": "2008-02-05T00:41:56",
"db": "PACKETSTORM",
"id": "63262",
"ident": null
},
{
"date": "2008-01-17T05:57:19",
"db": "PACKETSTORM",
"id": "62720",
"ident": null
},
{
"date": "2010-05-27T05:11:37",
"db": "PACKETSTORM",
"id": "89987",
"ident": null
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"date": "2008-01-17T05:56:17",
"db": "PACKETSTORM",
"id": "62719",
"ident": null
},
{
"date": "2008-01-17T05:59:17",
"db": "PACKETSTORM",
"id": "62721",
"ident": null
},
{
"date": "2008-02-04T18:22:06",
"db": "PACKETSTORM",
"id": "63217",
"ident": null
},
{
"date": "2008-11-20T19:21:09",
"db": "PACKETSTORM",
"id": "72120",
"ident": null
},
{
"date": "2007-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-135",
"ident": null
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000819",
"ident": null
},
{
"date": "2007-12-13T18:46:00",
"db": "NVD",
"id": "CVE-2007-5000",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-03-07T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5000",
"ident": null
},
{
"date": "2015-04-13T21:15:00",
"db": "BID",
"id": "26838",
"ident": null
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-135",
"ident": null
},
{
"date": "2013-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000819",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-5000",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Cross-site scripting vulnerability in Apache HTTP Server \"mod_imap\" and \"mod_imagemap\"",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 1.1
}
}
VAR-200801-0561
Vulnerability from variot - Updated: 2026-03-07 21:51Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. A cross-site scripting vulnerability has been found with the Status Information Display function of Hitachi Web Server.An attacker could execute a cross-site scripting attack by sending a request that contains malicious scripts. The vulnerability does not affect the products if the Status Information Display function is being disabled. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks. The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2009-0010 Synopsis: VMware Hosted products update libpng and Apache HTTP Server Issue date: 2009-08-20 Updated on: 2009-08-20 (initial release of advisory) CVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863 CVE-2006-5752 CVE-2007-3304 CVE-2007-6388 CVE-2007-5000 CVE-2008-0005
- Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
A flaw found in the mod_proxy_balancer module could lead to a cross-site scripting attack against an authorized user on sites where mod_proxy_balancer was enabled (CVE-2007-6421).
Another flaw in the mod_proxy_balancer module was found where, on sites with the module enabled, an authorized user could send a carefully crafted request that would cause the apache child process handling the request to crash, which could lead to a denial of service if using a threaded MPM (CVE-2007-6422).
A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled (CVE-2008-0005).
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE----- . The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined.
mod_status : http://httpd.apache.org/docs/2.0/mod/mod_status.html
-
From apache site : "The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state."
-
--- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---
During the fact that Apache mod_status do not filter char ";" we can inject new URL. This fact give attacker open redirector and can lead to phishing attack. Also attacker can create more advanced method to trigger XSS on victim's browser. Exploit ---
SecurityReason is not going to release a exploit to the general public. Exploit was provided and tested for Apache Team . How to fix ---
Update to Apache 2.2.7-dev Apache 1.3.40-dev Apache 2.0.62-dev
http://httpd.apache.org/security/vulnerabilities_22.html http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_13.html
- --- 4. References ---
A Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein
- --- 5. Greets ---
For: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp
- --- 6
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.39"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "http server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"_id": null,
"model": "2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "2.2.7-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.2"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "networks self-service wvads",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"_id": null,
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "1.3.40-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.51"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"_id": null,
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.53"
},
{
"_id": null,
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1"
},
{
"_id": null,
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"_id": null,
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.01"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"_id": null,
"model": "2.0.62-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "networks self-service peri workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"_id": null,
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"_id": null,
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"_id": null,
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.39"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "networks self-service web centric ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": "networks self service voicexml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86-64"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"_id": null,
"model": "2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"_id": null,
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
}
]
},
"credits": {
"_id": null,
"data": "sp3x is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "27237"
}
],
"trust": 0.3
},
"cve": "CVE-2007-6388",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-6388",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2008-001513",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6388",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2008-001513",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULMON",
"id": "CVE-2007-6388",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"description": {
"_id": null,
"data": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. A cross-site scripting vulnerability has been found with the Status Information Display function of Hitachi Web Server.An attacker could execute a cross-site scripting attack by sending a request that contains malicious scripts. The vulnerability does not affect the products if the Status Information Display function is being disabled. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users\u0027 browsers to arbitrary locations, which may aid in phishing attacks. \nThe issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2009-0010\nSynopsis: VMware Hosted products update libpng and Apache HTTP\n Server\nIssue date: 2009-08-20\nUpdated on: 2009-08-20 (initial release of advisory)\nCVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863\n CVE-2006-5752 CVE-2007-3304 CVE-2007-6388\n CVE-2007-5000 CVE-2008-0005\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n A flaw found in the mod_proxy_balancer module could lead to a\n cross-site scripting attack against an authorized user on sites where\n mod_proxy_balancer was enabled (CVE-2007-6421). \n \n Another flaw in the mod_proxy_balancer module was found where,\n on sites with the module enabled, an authorized user could send a\n carefully crafted request that would cause the apache child process\n handling the request to crash, which could lead to a denial of service\n if using a threaded MPM (CVE-2007-6422). \n \n A flaw found in the mod_proxy_ftp module could lead to a cross-site\n scripting attack against web browsers which do not correctly derive\n the response character set following the rules in RFC 2616, on sites\n where the mod_proxy_ftp module was enabled (CVE-2008-0005). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n. The goal of this project is to\nprovide a secure, efficient and extensible server that provides\nHTTP services in sync with the current HTTP standards. The November 2005 Netcraft Web Server Survey found\nthat more than 70% of the web sites on the Internet are using\nApache, thus making it more widely used than all other web\nservers combined. \n\nmod_status : http://httpd.apache.org/docs/2.0/mod/mod_status.html\n\n- From apache site : \"The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.\"\n\n- --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---\n\nDuring the fact that Apache mod_status do not filter char \";\" we can inject new URL. \nThis fact give attacker open redirector and can lead to phishing attack. \nAlso attacker can create more advanced method to trigger XSS on victim\u0027s browser. Exploit ---\n\nSecurityReason is not going to release a exploit to the general public. \nExploit was provided and tested for Apache Team . How to fix ---\n\nUpdate to Apache 2.2.7-dev\n\t Apache 1.3.40-dev\n Apache 2.0.62-dev\n\nhttp://httpd.apache.org/security/vulnerabilities_22.html\nhttp://httpd.apache.org/security/vulnerabilities_20.html\nhttp://httpd.apache.org/security/vulnerabilities_13.html\n\n- --- 4. References ---\n\nA Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein\n\n- --- 5. Greets ---\n\nFor: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp\n\n- --- 6",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-6388",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513",
"trust": 1.6
},
{
"db": "BID",
"id": "27237",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "29988",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28607",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28471",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "29504",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28526",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "29806",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33200",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "32800",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31142",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28965",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 1.1
},
{
"db": "SREASON",
"id": "3541",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0809",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0047",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0554",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0447",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-1224",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0986",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1019154",
"trust": 1.1
},
{
"db": "VULMON",
"id": "CVE-2007-6388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62634",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"id": "VAR-200801-0561",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2026-03-07T21:51:48.346000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HS08-016",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-016/index.html"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SecureAxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.4,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
},
{
"trust": 1.4,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=689039"
},
{
"trust": 1.4,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk62966"
},
{
"trust": 1.4,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
},
{
"trust": 1.4,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 1.4,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/27237"
},
{
"trust": 1.1,
"url": "http://securitytracker.com/id?1019154"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28471"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28526"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28607"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.1,
"url": "http://www116.nortel.com/pub/repository/clarify/document/2008/05/023342-01.pdf"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28965"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
},
{
"trust": 1.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"trust": 1.1,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.1,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk59667\u0026apar=only"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/29504"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/3541"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/29806"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/29988"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31142"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33200"
},
{
"trust": 1.1,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0554"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0986/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0047"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0447/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/32800"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10272"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://jvndb.jvn.jp/ja/contents/2008/jvndb-2008-001513.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6388"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.4,
"url": "http://securityreason.com/achievement_securityalert/50"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.0.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01364714"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/support.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/docs/2.0/mod/mod_status.html"
},
{
"trust": 0.1,
"url": "http://securityreason.com/key/sp3x.gpg"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/archive/1/450418"
},
{
"trust": 0.1,
"url": "http://securityreason.com"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2007-6388",
"ident": null
},
{
"db": "BID",
"id": "27237",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62720",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "89987",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62721",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "101257",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "72120",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62634",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001513",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-6388",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2008-01-08T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6388",
"ident": null
},
{
"date": "2008-01-10T00:00:00",
"db": "BID",
"id": "27237",
"ident": null
},
{
"date": "2008-01-17T05:57:19",
"db": "PACKETSTORM",
"id": "62720",
"ident": null
},
{
"date": "2010-05-27T05:11:37",
"db": "PACKETSTORM",
"id": "89987",
"ident": null
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533",
"ident": null
},
{
"date": "2008-01-17T05:59:17",
"db": "PACKETSTORM",
"id": "62721",
"ident": null
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257",
"ident": null
},
{
"date": "2008-11-20T19:21:09",
"db": "PACKETSTORM",
"id": "72120",
"ident": null
},
{
"date": "2008-01-15T20:26:59",
"db": "PACKETSTORM",
"id": "62634",
"ident": null
},
{
"date": "2008-07-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001513",
"ident": null
},
{
"date": "2008-01-08T18:46:00",
"db": "NVD",
"id": "CVE-2007-6388",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-06-06T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6388",
"ident": null
},
{
"date": "2015-04-13T21:21:00",
"db": "BID",
"id": "27237",
"ident": null
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001513",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-6388",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "27237"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "Cross-Site Scripting Vulnerability in Hitachi Web Server Status Information Display Function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001513"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
}
],
"trust": 0.4
}
}
VAR-200609-0995
Vulnerability from variot - Updated: 2026-03-04 22:55OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1174-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans September 11th, 2006 http://www.debian.org/security/faq
Package : openssl096 Problem-Type : local Vulnerability : cryptographic weakness Debian-specific: no CVE ID : CVE-2006-4339 BugTraq ID : 19849 Debian Bug : 386247
Daniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.
For the stable distribution (sarge) this problem has been fixed in version 0.9.6m-1sarge2
This package exists only for compatibility with older software, and is not present in the unstable or testing branches of Debian.
We recommend that you upgrade your openssl packages. Note that services linking against the openssl shared libraries will need to be restarted. Common examples of such services include most Mail Transport Agents, SSH servers, and web servers.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc
Size/MD5 checksum: 617 018a88ab90403cb04c62fb3e30b74447
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz
Size/MD5 checksum: 19110 ebf3d65348f1a0e2b09543b02f1752ff
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz
Size/MD5 checksum: 2184918 1b63bfdca1c37837dddde9f1623498f9
Alpha architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb
Size/MD5 checksum: 1965098 f321c9d2831643d65718730f8ff81f16
AMD64 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb
Size/MD5 checksum: 578014 b47b9fb2acd8c6e22aac6812c7ad4dda
ARM architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb
Size/MD5 checksum: 518746 29a69a8d997445d4ae2a53c337678cc6
HP Precision architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb
Size/MD5 checksum: 587368 4291ac3835b28ae9acf555ec90242d26
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb
Size/MD5 checksum: 1755640 d9fb8d8383c96d0d4ebe4af8cb5e9a3a
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb
Size/MD5 checksum: 814966 1a366b00181bba9bd04b2312f4ae8f42
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb
Size/MD5 checksum: 476722 2002d9eeb9b36d329855042466c9dfc1
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb
Size/MD5 checksum: 576764 2001e7d3f5d72e0328b8d46f83bb0b4d
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb
Size/MD5 checksum: 568756 3b25b7c66ff42626c8f458be9485f9bb
PowerPC architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb
Size/MD5 checksum: 582402 e677ab4fd68d34affff58a9c7d2cd823
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb
Size/MD5 checksum: 602334 674b58c6811c7e60ad2bb53ec7c1bcdc
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb
Size/MD5 checksum: 1458574 d9ab5370d48647780172587e58682297
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201408-19
http://security.gentoo.org/
Severity: Normal Title: OpenOffice, LibreOffice: Multiple vulnerabilities Date: August 31, 2014 Bugs: #283370, #305195, #320491, #332321, #352864, #386081, #409509, #429482, #514886 ID: 201408-19
Synopsis
Multiple vulnerabilities have been found in OpenOffice and LibreOffice, the worst of which may result in execution of arbitrary code.
Background
OpenOffice is the open source version of StarOffice, a full office productivity suite. LibreOffice is a fork of OpenOffice. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 4 affected packages
Description
Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All OpenOffice (binary) users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-office/openoffice-bin-3.5.5.3"
All LibreOffice users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-office/libreoffice-4.2.5.2"=
All LibreOffice (binary) users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-office/libreoffice-bin-4.2.5.2"
We recommend that users unmerge OpenOffice:
# emerge --unmerge "app-office/openoffice"
References
[ 1 ] CVE-2006-4339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4339 [ 2 ] CVE-2009-0200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0200 [ 3 ] CVE-2009-0201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0201 [ 4 ] CVE-2009-0217 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0217 [ 5 ] CVE-2009-2949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2949 [ 6 ] CVE-2009-2950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2950 [ 7 ] CVE-2009-3301 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3301 [ 8 ] CVE-2009-3302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3302 [ 9 ] CVE-2010-0395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0395 [ 10 ] CVE-2010-2935 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2935 [ 11 ] CVE-2010-2936 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2936 [ 12 ] CVE-2010-3450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3450 [ 13 ] CVE-2010-3451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3451 [ 14 ] CVE-2010-3452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3452 [ 15 ] CVE-2010-3453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3453 [ 16 ] CVE-2010-3454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3454 [ 17 ] CVE-2010-3689 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3689 [ 18 ] CVE-2010-4253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4253 [ 19 ] CVE-2010-4643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4643 [ 20 ] CVE-2011-2713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2713 [ 21 ] CVE-2012-0037 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0037 [ 22 ] CVE-2012-1149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1149 [ 23 ] CVE-2012-2149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2149 [ 24 ] CVE-2012-2334 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2334 [ 25 ] CVE-2012-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2665 [ 26 ] CVE-2014-0247 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0247
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201408-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. The x86 emulation base libraries for AMD64 contain a vulnerable version of OpenSSL.
NOTE: Any packages listed without architecture tags apply to all
architectures...
HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue.
Background
The Mozilla Network Security Service is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. This impacts any software using the NSS library, like the Mozilla products Firefox, Thunderbird and Seamonkey. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4343) The get_server_hello function in the SSLv2 client
code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and
earlier versions allows remote servers to cause a denial of service
(client crash) via unknown vectors that trigger a null pointer
dereference. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
(CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
allows remote attackers to cause a denial of service (crash), and
possibly execute arbitrary code if GSSAPI authentication is enabled,
via unspecified vectors that lead to a double-free.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0995",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "128056"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "PACKETSTORM",
"id": "51167"
}
],
"trust": 0.4
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1174-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans \nSeptember 11th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : openssl096\nProblem-Type : local\nVulnerability : cryptographic weakness\nDebian-specific: no\nCVE ID : CVE-2006-4339\nBugTraq ID : 19849\nDebian Bug : 386247\n\nDaniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package\nthat could allow an attacker to generate a forged signature that OpenSSL\nwill accept as valid. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.6m-1sarge2\n\nThis package exists only for compatibility with older software, and is\nnot present in the unstable or testing branches of Debian. \n\nWe recommend that you upgrade your openssl packages. Note that services\nlinking against the openssl shared libraries will need to be restarted. \nCommon examples of such services include most Mail Transport Agents, SSH\nservers, and web servers. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc\n Size/MD5 checksum: 617 018a88ab90403cb04c62fb3e30b74447\n http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz\n Size/MD5 checksum: 19110 ebf3d65348f1a0e2b09543b02f1752ff\n http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz\n Size/MD5 checksum: 2184918 1b63bfdca1c37837dddde9f1623498f9\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb\n Size/MD5 checksum: 1965098 f321c9d2831643d65718730f8ff81f16\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb\n Size/MD5 checksum: 578014 b47b9fb2acd8c6e22aac6812c7ad4dda\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb\n Size/MD5 checksum: 518746 29a69a8d997445d4ae2a53c337678cc6\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb\n Size/MD5 checksum: 587368 4291ac3835b28ae9acf555ec90242d26\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb\n Size/MD5 checksum: 1755640 d9fb8d8383c96d0d4ebe4af8cb5e9a3a\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb\n Size/MD5 checksum: 814966 1a366b00181bba9bd04b2312f4ae8f42\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb\n Size/MD5 checksum: 476722 2002d9eeb9b36d329855042466c9dfc1\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb\n Size/MD5 checksum: 576764 2001e7d3f5d72e0328b8d46f83bb0b4d\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb\n Size/MD5 checksum: 568756 3b25b7c66ff42626c8f458be9485f9bb\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb\n Size/MD5 checksum: 582402 e677ab4fd68d34affff58a9c7d2cd823\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb\n Size/MD5 checksum: 602334 674b58c6811c7e60ad2bb53ec7c1bcdc\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb\n Size/MD5 checksum: 1458574 d9ab5370d48647780172587e58682297\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201408-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenOffice, LibreOffice: Multiple vulnerabilities\n Date: August 31, 2014\n Bugs: #283370, #305195, #320491, #332321, #352864, #386081,\n #409509, #429482, #514886\n ID: 201408-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenOffice and LibreOffice,\nthe worst of which may result in execution of arbitrary code. \n\nBackground\n==========\n\nOpenOffice is the open source version of StarOffice, a full office\nproductivity suite. LibreOffice is a fork of OpenOffice. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n 4 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenOffice and\nLibreoffice. Please review the CVE identifiers referenced below for\ndetails. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenOffice (binary) users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-office/openoffice-bin-3.5.5.3\"\n\nAll LibreOffice users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-office/libreoffice-4.2.5.2\"=\n\n\nAll LibreOffice (binary) users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-office/libreoffice-bin-4.2.5.2\"\n\nWe recommend that users unmerge OpenOffice:\n\n # emerge --unmerge \"app-office/openoffice\"\n\nReferences\n==========\n\n[ 1 ] CVE-2006-4339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4339\n[ 2 ] CVE-2009-0200\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0200\n[ 3 ] CVE-2009-0201\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0201\n[ 4 ] CVE-2009-0217\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0217\n[ 5 ] CVE-2009-2949\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2949\n[ 6 ] CVE-2009-2950\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2950\n[ 7 ] CVE-2009-3301\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3301\n[ 8 ] CVE-2009-3302\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3302\n[ 9 ] CVE-2010-0395\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0395\n[ 10 ] CVE-2010-2935\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2935\n[ 11 ] CVE-2010-2936\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2936\n[ 12 ] CVE-2010-3450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3450\n[ 13 ] CVE-2010-3451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3451\n[ 14 ] CVE-2010-3452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3452\n[ 15 ] CVE-2010-3453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3453\n[ 16 ] CVE-2010-3454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3454\n[ 17 ] CVE-2010-3689\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3689\n[ 18 ] CVE-2010-4253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4253\n[ 19 ] CVE-2010-4643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4643\n[ 20 ] CVE-2011-2713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2713\n[ 21 ] CVE-2012-0037\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0037\n[ 22 ] CVE-2012-1149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1149\n[ 23 ] CVE-2012-2149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2149\n[ 24 ] CVE-2012-2334\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2334\n[ 25 ] CVE-2012-2665\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2665\n[ 26 ] CVE-2014-0247\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0247\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201408-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \nThe x86 emulation base libraries for AMD64 contain a vulnerable version\nof OpenSSL. \n\n NOTE: Any packages listed without architecture tags apply to all\n architectures... \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n\nBackground\n==========\n\nThe Mozilla Network Security Service is a library implementing security\nfeatures like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,\nS/MIME and X.509 certificates. This impacts any software using the NSS library, like the\nMozilla products Firefox, Thunderbird and Seamonkey. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4343) The get_server_hello function in the SSLv2 client\n code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial of service\n (client crash) via unknown vectors that trigger a null pointer\n dereference. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n allows remote attackers to cause a denial of service (crash), and\n possibly execute arbitrary code if GSSAPI authentication is enabled,\n via unspecified vectors that lead to a double-free. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "128056"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "PACKETSTORM",
"id": "53566"
}
],
"trust": 5.94
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "51021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49955",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49927",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "128056"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-0995",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2026-03-04T22:55:31.796000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.6,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.4,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.4,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.4,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.4,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/glsa/glsa-200610-06.xml"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4340"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3302"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0201"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2950"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3451"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0247"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0247"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2936"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3689"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3301"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0217"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3301"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2334"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3454"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201408-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2334"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2950"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2665"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3453"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2935"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3451"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3302"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2936"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0200"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0217"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2149"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2665"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3689"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4253"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_arm.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "128056"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "128056"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51021"
},
{
"date": "2006-09-13T08:51:49",
"db": "PACKETSTORM",
"id": "49955"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2014-09-02T06:19:02",
"db": "PACKETSTORM",
"id": "128056"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2006-09-08T06:46:12",
"db": "PACKETSTORM",
"id": "49826"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51167"
},
{
"date": "2006-09-13T07:37:56",
"db": "PACKETSTORM",
"id": "49927"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
VAR-200110-0207
Vulnerability from variot - Updated: 2026-03-04 20:59The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. OpenSSL Security Advisory [28th September 2006]
New OpenSSL releases are now available to correct four security issues.
ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)
Vulnerability
Dr. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01118771 Version: 1
HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01 Last Updated: 2007-08-01
Potential Security Impact: Remote execution of arbitrary code and Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified HP System Management Homepage (SMH) for Linux and Windows.
References: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. A more recent version is available: System Management Homepage (SMH) version 2.1.8
HP System Management Homepage for Linux (x86) version 2.1.8-177 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26864.html
HP System Management Homepage for Linux (AMD64/EM64T) version 2.1.8-177 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26866.html
HP System Management Homepage for Windows version 2.1.8-179 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26977.html
PRODUCT SPECIFIC INFORMATION
HISTORY: Version:1 (rev.1) - 1 August 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"_id": null,
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"_id": null,
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"_id": null,
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"_id": null,
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"_id": null,
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"_id": null,
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"_id": null,
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"_id": null,
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"_id": null,
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"_id": null,
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"_id": null,
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"_id": null,
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"_id": null,
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"_id": null,
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"_id": null,
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"_id": null,
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"_id": null,
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"_id": null,
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"_id": null,
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"_id": null,
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"_id": null,
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"_id": null,
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"_id": null,
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"_id": null,
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"_id": null,
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"_id": null,
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"_id": null,
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"_id": null,
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"_id": null,
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"_id": null,
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"_id": null,
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"_id": null,
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"_id": null,
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"_id": null,
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"_id": null,
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"_id": null,
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"_id": null,
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"_id": null,
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937). (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01118771\nVersion: 1\n\nHPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-08-01\nLast Updated: 2007-08-01\n\n\nPotential Security Impact: Remote execution of arbitrary code and Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified HP System Management Homepage (SMH) for Linux and Windows. \n\nReferences: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \nA more recent version is available: System Management Homepage (SMH) version 2.1.8 \n\nHP System Management Homepage for Linux (x86) version 2.1.8-177 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26864.html \n\nHP System Management Homepage for Linux (AMD64/EM64T) version 2.1.8-177 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26866.html \n\nHP System Management Homepage for Windows version 2.1.8-179 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26977.html \n\nPRODUCT SPECIFIC INFORMATION \n\nHISTORY: \nVersion:1 (rev.1) - 1 August 2007 Initial Release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux \nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 4.59
},
"external_ids": {
"_id": null,
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.3
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0207",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2026-03-04T20:59:34.450000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.7,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"db": "BID",
"id": "20246",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169663",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50595",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50543",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "53566",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58346",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50548",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246",
"ident": null
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663",
"ident": null
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595",
"ident": null
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543",
"ident": null
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566",
"ident": null
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346",
"ident": null
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548",
"ident": null
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"ident": null
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246",
"ident": null
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534",
"ident": null
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-4343",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
VAR-200609-0998
Vulnerability from variot - Updated: 2026-03-04 19:54OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. This can result in an infinite loop which
consumes system memory. The Common Vulnerabilities and Exposures
(CVE) project assigned the id CVE-2006-2937 [2] to the problem.
-
ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of time to process. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2940 [3] to the problem.
-
SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-3780 [4] to the problem.
-
SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-4343 [5] to the problem.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I otH/juFiPayhwdxQwX1pZwdm =e4BA -----END PGP SIGNATURE----- . HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. (CVE-2006-4343)
Updated packages are patched to address these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0998",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vmware",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "ridoc document router",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "pro v2"
},
{
"model": "ridoc document router",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v3"
},
{
"model": "ridoc document router",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v4"
},
{
"model": "ridoc document server",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "ep v1"
},
{
"model": "ridoc document server",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "ep v2"
},
{
"model": "ridoc document server",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v1 type h"
},
{
"model": "ridoc document server",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v2 type h"
},
{
"model": "ridoc document server",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v3"
},
{
"model": "ridoc document server",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v3 ad"
},
{
"model": "ridoc document system",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "image log options v1"
},
{
"model": "ridoc io operationserver",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "pro"
},
{
"model": "ridoc io operationserver",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "device operation management utility"
},
{
"model": "ridoc print linkage",
"scope": null,
"trust": 0.8,
"vendor": "ricoh",
"version": null
},
{
"model": "ridoc web navigator",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v2"
},
{
"model": "ridoc web navigator",
"scope": "eq",
"trust": 0.8,
"vendor": "ricoh",
"version": "v3"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f3000"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f40"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f80/f100/f120/f1000"
},
{
"model": "mucho series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "mucho-ev/pk"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ricoh:ridoc_document_router",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ricoh:ridoc_document_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ricoh:ridoc_document_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ricoh:ridoc_io_operationserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ricoh:ridoc_print_linkage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ricoh:ridoc_web_navigator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#423396",
"trust": 0.8,
"value": "7.92"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2940",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. The Common Vulnerabilities and Exposures\n (CVE) project assigned the id CVE-2006-2937 [2] to the problem. \n\n 2. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. The Common Vulnerabilities and Exposures (CVE)\n project assigned the id CVE-2006-2940 [3] to the problem. \n\n 3. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. The\n Common Vulnerabilities and Exposures (CVE) project assigned the id\n CVE-2006-3780 [4] to the problem. \n\n 4. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. The\n Common Vulnerabilities and Exposures (CVE) project assigned the id\n CVE-2006-4343 [5] to the problem. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I\notH/juFiPayhwdxQwX1pZwdm\n=e4BA\n-----END PGP SIGNATURE-----\n. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 6.39
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 4.5
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 4.5
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "20247",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#423396",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA07-017A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200609-0998",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2026-03-04T19:54:50.365000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "RSA \u516c\u958b\u9375\u306b\u3088\u308b\u8106\u5f31\u6027\uff08Parasitic Public Key\uff09\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.furukawa.co.jp/fitelnet/topic/x509b_attacks.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl096b (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=460"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "NISCC-729618",
"trust": 0.8,
"url": "http://www.ricoh.co.jp/ridoc_ds/rds/download/Ridoc_DoS.pdf"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-2531"
},
{
"trust": 0.8,
"url": "http://www.hornik.sk/sa/sa-20040802.txt"
},
{
"trust": 0.8,
"url": "http://www.gnu.org/software/gnutls/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/aug/1010838.html"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta07-017a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta07-017a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2940"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-017a.html"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/423396"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#423396"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#423396"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000593"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "X.509 certificate verification may be vulnerable to resource exhaustion",
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
VAR-200110-0349
Vulnerability from variot - Updated: 2026-03-03 20:35OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20060928.txt . rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. (CVE-2006-4343)
Updated packages are patched to address these issues.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vmware",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#423396",
"trust": 0.8,
"value": "7.92"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20060928.txt\n. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "CERT/CC",
"id": "VU#423396",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200110-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2026-03-03T20:35:26.896000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 3.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-2531"
},
{
"trust": 0.8,
"url": "http://www.hornik.sk/sa/sa-20040802.txt"
},
{
"trust": 0.8,
"url": "http://www.gnu.org/software/gnutls/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/aug/1010838.html"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#423396"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#423396"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "X.509 certificate verification may be vulnerable to resource exhaustion",
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
VAR-200110-0446
Vulnerability from variot - Updated: 2026-03-02 22:15OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 0.9.8d >= 0.9.8d *>= 0.9.7l
Description
Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key. Finally a malicious server could crash a SSLv2 client through the SSLv2 vulnerability.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0446",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 0.9.8d \u003e= 0.9.8d\n *\u003e= 0.9.7l\n\nDescription\n===========\n\nTavis Ormandy and Will Drewry, both of the Google Security Team,\ndiscovered that the SSL_get_shared_ciphers() function contains a buffer\noverflow vulnerability, and that the SSLv2 client code contains a flaw\nleading to a crash. Additionally Dr. Stephen N. Henson found that the\nASN.1 handler contains two Denial of Service vulnerabilities: while\nparsing an invalid ASN.1 structure and while handling certain types of\npublic key. Finally a\nmalicious server could crash a SSLv2 client through the SSLv2\nvulnerability. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 5.49
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0446",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2026-03-02T22:15:59.056000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
VAR-200609-0988
Vulnerability from variot - Updated: 2026-03-02 20:12The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172 http://www.mandriva.com/security/
Package : openssl Date : September 28, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
During the parsing of certain invalid ASN1 structures an error condition is mishandled. (CVE-2006-2937)
Certain types of public key can take disproportionate amounts of time to process. (CVE-2006-2940)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0988",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : September 28, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. (CVE-2006-2937)\n\n Certain types of public key can take disproportionate amounts of time\n to process. (CVE-2006-2940)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n buffer overflow in the SSL_get_shared_ciphers utility function, used by\n some applications such as exim and mysql. An attacker could send a\n list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n possible DoS in the sslv2 client code. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.7
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200609-0988",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2026-03-02T20:12:22.401000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
CVE-2026-22717 (GCVE-0-2026-22717)
Vulnerability from nvd – Published: 2026-02-27 19:11 – Updated: 2026-02-27 20:14
VLAI?
Title
VMware Workstation out-of-bound read vulnerability
Summary
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation |
Affected:
25H2 , < 25H1U1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T20:14:05.072360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T20:14:10.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "25H1U1",
"status": "affected",
"version": "25H2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.\u003cbr\u003e"
}
],
"value": "Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T19:11:54.924Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Workstation out-of-bound read vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2026-22717",
"datePublished": "2026-02-27T19:11:54.924Z",
"dateReserved": "2026-01-09T06:54:36.841Z",
"dateUpdated": "2026-02-27T20:14:10.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22716 (GCVE-0-2026-22716)
Vulnerability from nvd – Published: 2026-02-27 19:01 – Updated: 2026-02-27 19:19
VLAI?
Title
VMware Workstation out-of-bounds write vulnerability
Summary
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.
Severity ?
5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation |
Affected:
25H2 , < 25H2U1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T19:13:38.437019Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T19:13:59.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "25H2U1",
"status": "affected",
"version": "25H2",
"versionType": "custom"
}
]
}
],
"datePublic": "2026-02-26T22:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOut-of-bound write vulnerability \u003c/span\u003ein VMware Workstation 25H1 and below on any platform allows an \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eactor with non-administrative privileges on a guest VM \u003c/span\u003eto terminate certain\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWorkstation processes.\u003c/span\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain\u00a0Workstation processes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T19:19:19.576Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Workstation out-of-bounds write vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2026-22716",
"datePublished": "2026-02-27T19:01:44.248Z",
"dateReserved": "2026-01-09T06:54:36.840Z",
"dateUpdated": "2026-02-27T19:19:19.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22722 (GCVE-0-2026-22722)
Vulnerability from nvd – Published: 2026-02-26 18:35 – Updated: 2026-02-27 17:54
VLAI?
Title
VMware Workstation for Windows null pointer dereference may allow an authenticated user to trigger a crash
Summary
A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'
Severity ?
6.1 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation |
Affected:
17.0 , < 25H2u1
(custom)
Unaffected: 25H2u1 (custom) |
Credits
Broadcom would like to thank dread (d7ead) for reporting this issue to us.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T17:54:08.869726Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T17:54:16.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "VMware Workstation",
"platforms": [
"Windows"
],
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "25H2u1",
"status": "affected",
"version": "17.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "25H2u1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Broadcom would like to thank dread (d7ead) for reporting this issue to us."
}
],
"datePublic": "2026-02-26T07:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the \"Fixed version\" column of the \u0027Response Matrix\u0027\u003c/p\u003e"
}
],
"value": "A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the \"Fixed version\" column of the \u0027Response Matrix\u0027"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:37:46.113Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eTo Remediate CVE-2026-22722, apply the patches listed in the \"Fixed version\" column of the \u0027Response Matrix\u0027\u003c/p\u003e"
}
],
"value": "To Remediate CVE-2026-22722, apply the patches listed in the \"Fixed version\" column of the \u0027Response Matrix\u0027"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Workstation for Windows null pointer dereference may allow an authenticated user to trigger a crash",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2026-22722",
"datePublished": "2026-02-26T18:35:20.563Z",
"dateReserved": "2026-01-09T06:54:36.841Z",
"dateUpdated": "2026-02-27T17:54:16.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22717 (GCVE-0-2026-22717)
Vulnerability from cvelistv5 – Published: 2026-02-27 19:11 – Updated: 2026-02-27 20:14
VLAI?
Title
VMware Workstation out-of-bound read vulnerability
Summary
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation |
Affected:
25H2 , < 25H1U1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T20:14:05.072360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T20:14:10.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "25H1U1",
"status": "affected",
"version": "25H2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed.\u003cbr\u003e"
}
],
"value": "Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T19:11:54.924Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Workstation out-of-bound read vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2026-22717",
"datePublished": "2026-02-27T19:11:54.924Z",
"dateReserved": "2026-01-09T06:54:36.841Z",
"dateUpdated": "2026-02-27T20:14:10.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22716 (GCVE-0-2026-22716)
Vulnerability from cvelistv5 – Published: 2026-02-27 19:01 – Updated: 2026-02-27 19:19
VLAI?
Title
VMware Workstation out-of-bounds write vulnerability
Summary
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.
Severity ?
5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workstation |
Affected:
25H2 , < 25H2U1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T19:13:38.437019Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T19:13:59.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "25H2U1",
"status": "affected",
"version": "25H2",
"versionType": "custom"
}
]
}
],
"datePublic": "2026-02-26T22:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOut-of-bound write vulnerability \u003c/span\u003ein VMware Workstation 25H1 and below on any platform allows an \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eactor with non-administrative privileges on a guest VM \u003c/span\u003eto terminate certain\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWorkstation processes.\u003c/span\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain\u00a0Workstation processes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T19:19:19.576Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Workstation out-of-bounds write vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2026-22716",
"datePublished": "2026-02-27T19:01:44.248Z",
"dateReserved": "2026-01-09T06:54:36.840Z",
"dateUpdated": "2026-02-27T19:19:19.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}